My  green  data  center 

Data  center  energy  initiatives  are  hot  and  can 
save  companies  cold  cash. 

PAGE  12. 
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in  management 
III  COMPANIES  TO  WATCH 

Management 
start-ups  step  in 
to  steal  spotlight 

BY  DENISE  DUBIE 

BMC,  CA,  HP  and  IBM  had  better  watch  their 
backs. 

“It  is  the  right  time  for  a  more  unified,  easier-to- 
use  management  solution,” says  Robert  Abbott,  a 
principal  with  venture  capitalist  firm  Norwest 
Venture  Partners,  which  is  bullish  on  the  market. 
“Enterprise  networks  and  data  centers  are  so 
complex  and  fragmented  that  IT  professionals 
need  to  reduce  the  time  spent  managing 
devices,  servers  and  desktops.  They  want  sim¬ 
plicity  in  their  management  environment  toda/ 
he  says. 

A  group  of  start-ups  intends  to  revamp  the  cur¬ 
rent  landscape  of  network,  systems  and  applica¬ 
tion  management  tools  with  easy-to-deploy,  low- 
cost  —  in  some  cases,  free  —  products  that  can 
address  more  quickly  the  most  pressing  issues  of 
IT  managers.  Despite  the  race  among  the  man¬ 
agement  heavyweights  to  fill  holes  in  their  prod¬ 
uct  suites  through  acquisitions,  newcomers  are 
stealing  the  spotlight  with  software  and  appli¬ 
ances  that  reduce  manual  labor,  speed  problem 
resolution  and  make  it  easier  to  manage  net¬ 
works  of  all  sizes. 

“Eighty  percent  of  what  large  enterprises 
spend  in  IT  goes  toward  maintaining  and  oper¬ 
ating  the  current  infrastructure,  rather  than  in¬ 
vesting  in  new  projects,”  says  Stephen  Bowsher, 
general  partner  at  InterWest  Partners,  a  venture 
capital  firm  that  has  invested  in  Symphoniq. 

See  Management,  page  24 
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m  WiderNet _ 

The  changing  art 
of  measuring 
TV  viewership 

TiVo,  iPods  forcing  ratings  company 
Nielsen  to  keep  on  its  toes. 


Microsoft’s 
antipiracy  plan 
raises  concern 


BY  PHIL  HOCHMUTH 

If  everyone  started  watching  “24”  or  “CSI”  on 
video  iPods  or  streamed  over  the  Internet  — 
instead  of  on  TV  in  their  living  rooms  —  these 
top-rated  shows  would  probably  go  the  way  of 
“Cop  Rock.” 

That  is,  Jack 
Bauer  would 
become  the  vic¬ 
tim  of,  not  terror¬ 
ists,  but  bad  rat¬ 
ings.  This  is 
because  Nielsen 
Media  Research 
cannot  collect 
data  about  what 
people  watch  on 
handheld  video¬ 
viewing  gadgets  or  from  PCs  streaming  network 
TV  shows.  While  Nielsen  estimates  around  90%  of 
TV  viewing  still  happens  in  homes,  it’s  this  bur¬ 
geoning  10%  that  TV  networks  and  advertisers 
are  desperate  to  delve  into. 

“The  industry  is  just  dehydrated  for  this  data,” 
says  Bob  Luff,  Nielsen’s  CTO,  who  oversees  the 
design  of  the  technology  used  to  collect  and 

See  Nielsen,  page  14 


BY  JOHN  FONTANA 

Microsoft’s  new  antipiracy  plan 
announced  last  week  is  a 
response  to  a  multimillion-dollar 
problem,  but  it  leaves  a  number  of 
questions,  especially  for  volume¬ 
licensing  customers  who  will  have 
to  devise  new  administrative  and 
management  plans  to  ensure  their 
software  doesn’t  get  crippled. 

Microsoft’s  Software  Protection 
Plan  (SPP)  is  used  to  validate  the 
use  of  genuine  —  that  is,  paid  for 
—  copies  of  Windows  and  to  par¬ 
tially  cripple  systems  that  don’t 
pass  muster.  Microsoft  has 
stepped  up  its  attacks  on  software 
pirates,  including  26  lawsuits  it 
filed  in  July 

“In  the  business  market,  [SPP]  is 
a  mechanism  that  conceivably 
will  reduce  the  leak  of  volume¬ 
licensing  [product  activation] 
keys,  which  is  believed  to  be  a  big 
facilitator  of  piracy, but  the  flip  side 
is  that  there  is  a  burden  for  busi¬ 
ness  customers,”  says  Joe  Wilcox, 
an  analyst  with  Jupiter  Research. 
“And  that  is  going  to  be  more  cum¬ 
bersome  management.” 


As  Microsoft  nears  completion 
of  Vista,  slated  to  ship  to  corporate 
users  next  month,  SPP  is  one  of  a 
number  of  volatile  issues  churn¬ 
ing  around  the  new  operating  sys¬ 
tem.  McAfee  and  Symantec  last 
week  took  Microsoft  to  task  over 
new  features  in  Vista  to  protect  the 
Windows  kernel,  a  move  the  two 
security  competitors  say  harms 
their  products  and  their  ability  to 
compete.  (See  editorial,  page  44.) 

The  feud  started  two  years  when 
Microsoft  turned  on  its  partners 
and  began  offering  competing 
products.  But  experts  say  Micro¬ 
soft  will  have  to  give  in  eventually 
to  keep  competition  fair. 

One  feature  in  question  is  Patch- 
Guard,  which  locks  down  the  ker¬ 
nel  of  the  operating  system  so  it 
can’t  be  tampered  with.  Many 
security  products,  however,  need 
that  access  for  their  applications 
to  run  properly  PatchGuard,  intro¬ 
duced  in  Windows  XR  works  only 
See  Microsoft,  page  60 
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WLANs  find  a  home  in  tiled  work  areas,  but 

deployment  lags  in  carpeted  enterprise 
office  environments. 
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On  -Core  is  a  new  technology  designed  to  improve  performance  of  multithreaded  software  products  and  hardware-aware  multitasking  operating  systems  and  may  require  appropriate 
u;h  :  :  system  software  tor  full  benefit;  check  with  software  provider  to  determine  suitability;  not  all  customers  or  software  applications  will  necessarily  benefit  from  use  of  this  technology. 
F'*  ;;u  es  a  separately  purchased  64-bit  operating  system  and  64-bit  software  products  to  take  advantage  of  the  64-bit  processing  capabilities  of  the  Dual-Core  Intel  Xeon  Processor.  Given  the 


Xeon 

inside' 

Dual-core. 
Do  more. 


Meet  the  new  BladeSystem  c-Class  from  HP  — the  only  one  to 
feature  Thermal  Logic  Technology. 


Thanks  to  our  intuitive  Thermal  Logic 
Technology  now  you  can  assess  your 
power  usage  and  system  temperature  so 
you  can  respond  quickly  to  changing  needs. 
The  graphical  thermal  dashboard  provides 
you  with  an  instant  snapshot  of  the  power 
consumption,  heat  output  and  cooling  capacity  of  your  environment¬ 
al!  on  one  screen.  With  the  HP  BladeSystem,  you'll  have  the  ability  to 
lower  power  usage  and  heat  without  sacrificing  performance. 


Simply  plug  in  the  HP  ProLiant  BL460c  server  blade,  featuring  Dual-Core 
Intel®  Xeon®  Processors,  and  you'll  get  the  performance  and  versatility  you 
need  to  support  32-  and  64-bit  computing  environments. 


Using  the  HP  BladeSystem  for  your  business  will  keep  the  control  exactly 
where  it  should  be  — in  your  hands. 


To  experience  the  HP  BladeSystem  and  download 
an  IDC  White  Paper,  go  to  YouAlwaysHadlt.com/cool4 

Call  1-866-625-4087  or  visit  your  local  reseller 


wide  range  of  software  applications  available,  performance  of  a  system  including  a  64-bit  operating  system  will  vary.  Intel’s  numbering  is  not  a  measurement  of  higher  performance.  Intel,  the 
Intel  Logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  The  information  contained  herein  is 
subject  to  change  without  notice.  ©2006  Hewlett-Packard  Development  Company,  L.P. 


INNOVATIONS 


Florida  Guardian  ad  Litem  Saw  the  Future  of  Child  Advocacy. 


Citrix  Provided  Access. 


“Custody  rulings.  Foster  care.  Adoptions.  Our  founding  vision  was  to  give  every  abused 
and  neglected  child  in  Florida  a  strong  advocate  in  court.  Two  years  later,  we’re  well  on 
our  way.  Today,  program  staff,  attorneys  and  over  5,000  volunteers  represent  more 
than  27,000  children.  Instead  of  information  in  file  drawers  scattered  all  over  the  state, 
Citrix  software  gives  advocates  secure  access  to  our  case  management  system  from 
anywhere.  Resources  are  precious,  so  we  must  apply  them  wisely,  not  waste  time 
chasing  data.  These  kids  depend  on  us.  That’s  why  we’re  depending  on  Citrix  to  take 
us  the  rest  of  the  way  to  advocate  for  every  Florida  child  in  need.  ’’ 


■I 


JOHNNY  C.  WHITE 

CIO 


Florida  Guardian  ad  Litem  Program 


your  future  today  at 
citrix.com. 


©2006  Citrix  Systems,  Inc.  All  rights  reserved.  Citrix®  is  a  trademark  of  Citrix  Systems,  Inc. 
and/or  one  or  more  of  its  subsidiaries,  and  may  be  registered  in  the  United  States  Patent  and 
Trademark  Office  and  in  other  countries.  All  other  trademarks  and  registered  trademarks  are 
the  property  of  their  respective  owners. 
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Does  application  acceleration  belong  in 
the  network  infrastructure?  Cisco's 
George  Kurian  says  yes,  but  Blue  Coat's 
Alagu  Periyannan  says  no.  Page  42. 


Clear  Choice  Test: 

The  open  source  Quagga  router 
doesn't  have  all  the  bells  and  whis¬ 
tles,  but  its  basic  performance 
numbers  are  solid.  Page  51. 


Newsbits 


Microsoft  readies  for  Patch  Tuesday 

■  Microsoft  plans  to  issue  1 1  security  updates  on  Tuesday 
Some  of  the  Office  and  Windows  updates  will  be  for  critical 
flaws  that  could  be  exploited  by  attackers  with  no  action  on 
the  part  of  users.  Six  of  the  patches  will  be  for  Windows,  and 
four  will  be  for  Office,  Microsoft  said  last  week  in  a  note  on  its 
Web  site. The  1 1th  update  will  be  for  a  flaw  in  Microsoft’s  .Net 
framework,  which  is  considered  less  severe  than  the  critical 


Windows  and  Office  patches.  Microsoft  generally  issues  its 
security  patches  on  the  second  Tuesday  of  every  month,  but 
last  week  the  company  was  forced  to  issue  a  rare,  out-of-cycle 
security  patch  after  criminals  began  exploiting  a  flaw  in 
Internet  Explorers  Vector  Markup  Language  rendering  engine. 
Security  experts  also  have  warned  of  cyberattacks  based  on 
unpatched  flaws  in  PowerPoint,  Word  2000  and  in  an  ActiveX 
control  called  WebViewFolderlcon  that’s  used  by  the  Windows’ 
GUI  software. The  WebViewFolderlcon  flaw  will  be  patched 
Tuesday  Microsoft  said. 


New  Google  search  tool 
finds  code 

■  Google  has  created  a  specialized 
search  engine  designed  to  find  soft¬ 
ware  source  code  publicly  available 
on  the  Web.  The  code  search  engine, 
which  debuted  last  week,  is  intended 
to  help  professional  programmers, 
hobbyist  developers  and  code  enthusi¬ 
asts  with  the  difficult  task  of  finding 
source  code  online,  a  Google  official 
said.  Currently,  the  general  Google  Web 
search  engine  can  find  links  to  files 
with  source  code,  but  it  doesn’t  index 
the  actual  lines  of  code  in  those  files, 
said  Tom  Stocky,  a  Google  product 


manager.  In  those  cases,  developers 
need  to  download  the  files  to  their 
computers  and  inspect  the  code. 
However,  the  new  search  engine  has 
been  architected  to  crawl  more  deeply 
and  return  results  containing  actual 
snippets  of  code,  which  should  make 
the  finding  process  simpler,  Stocky 
said. “We  find  the  lines  that  match  your 
queryf  hesaid.The  search  results  link  to 
the  full  file  containing  the  highlighted 
code,  as  well  as  to  the  software  license 
governing  the  use  of  the  code,  which  in 
most  cases  will  be  open  source,  he 
said.  Developers  can  enter  keywords  or 
fuller  patterns  in  the  search  box. 

See  News  Briefs,  page  6 
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Strike  in  India  stifles  outsourcing 

g  Political  strife  led  to  a  shutdown  last  week  of  most 
major  outsourcing  companies  in  Bangalore,  the  heart 
of  India’s  business  community  A  12-hour  strike  closed 
most  offices  of  Indian  outsourcing  giants  Infosys  and 
WiPro,  and  also  affected  work  at  IBM,  Intel  and 
Electronic  Data  Systems,  published  reports  say. 
Bangalore  is  home  to  more  than  1 ,500  businesses.  In 
Bangalore  life  basically  was  shut  down  —  public 
transportation, schools  and  most  stores  closed  —  but 
the  business  of  outsourcing  continued,  either  by  hav¬ 
ing  work  shifted  to  other  locales  or  by  telecommut¬ 
ing,  reports  say.  Many  companies  say  they  asked  work¬ 
ers  to  work  weekend  shifts  to  replace  the  lost  hours. 
The  strike  involved  a  decades-old  boundary  dispute 
between  Karnataka,  the  Indian  state  where  Bangalore 
is  located,  and  neighboring  Maharashtra.  In  April, 
Bangalore  shut  down  for  two  days  when  citizens 
rioted  after  the  death  of  Indian  film  icon  Rajkumar. 
Published  reports  said  the  country’s  software  compa¬ 
nies  lost  $40  million  in  revenue  during  that  time. 

Hitachi  latest  to  recall  batteries 

■  Hitachi  joins  most  of  the  leading  notebook  com¬ 
puter  makers  in  recalling  batteries  from  Sony  that  are 
known  to  overheat  and  could  cause  fires.The  recall  is 
one  of  the  smaller  ones,  affecting  16,000  units  sold 
only  in  Japan.  The  Hitachi  Flora  210W  and  Flora 
Se210  laptops  ship  with  the  Sony  batteries,  Hitachi 
said.  Hitachi  doesn’t  use  the  batteries  in  any  other 
products  and  hasn’t  received  any  complaints  from 
users  about  problems  with  them.  Hitachi’s  recall 
pales  compared  to  Dell’s,  which  was  the  first  and 
affected  4.1  million  of  the  Sony  batteries.  Apple 
recalled  1.8  million  batteries  and  Toshiba,  Lenovo, 
IBM  and  Fujitsu  have  recalled  hundreds  of  thousands 
each.  Combined,  the  companies  have  recalled  more 
than  7.9  million  batteries. 

Govt,  probe  finds  much  'Net  abuse 

&  The  title  of  a  report  issued  this  week  by  the 
Department  of  Interior’s  Inspector  General  — 
“Excessive  Indulgences:  Personal  Use  of  the  Internet 
at  the  Department  of  the  Interior” —  pretty  much  says 
it  all,  but  here’s  a  bit  more.  The  department,  which 
oversees  national  parks,  land  management  and 
more, encourages  most  of  its  80,000  employees  to  use 
the  Internet  for  work-related  duties.  A  one-week  study 
by  the  department’s  Inspector  General  found,  how¬ 
ever,  that  a  lot  of  abuse  is  going  on.  Among  the  study’s 
findings: Computer-use  logs  revealed  more  than  4,732 
entries  relating  to  sexually  explicit  Web  sites  and 
gambling  sites.  Some  computers  accessed  sex  sites 
for  30  to  60  minutes  during  the  test  period. This  activ¬ 
ity  accounted  for  more  than  24  hours  of  Internet  use 
during  the  sample  period,  which  did  not  include  a 
review  of  e-mail  or  other  means  of  transferring  pro¬ 
hibited  material.  More  than  1  million  log  entries  were 


discovered  indicating  7,763  department  computer 
users  spent  more  than  2,000  hours  accessing  game 
and  auction  sites.  Extrapolated  over  the  year,  that 
could  account  for  100,000  lost  work  hours.  Put 
another  way  this  would  equal  50  full-time  employ¬ 
ees  doing  nothing  but  surfing  online  game  and 
auction  sites. 

Nokia  ups  smart-phone  lead 

■  Handheld  PC  vendors  sold  four  times  as 
many  smart  phones  as  PDAs  in  the  sec¬ 
ond  half  of  2006,  and  Nokia  contin¬ 
ued  to  distance  itself  from  competi¬ 
tors.  Nokia  owns  42%  of  the  com¬ 
bined  PDA  and  smart-phone  market, 
compared  with  single-digit  market 
share  for  Research  in  Motion,  Motorola  and  Palm, 
according  to  a  study  released  last  week  by  Gartner. 
Worldwide,  that  market  reached  42.1  million  units,  a 
57%  rise  from  the  same  period  last  year.  Most  of  the 
growth  was  driven  by  sales  of  smart  phones,  which 
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TheGoodTheBadTheUgly 

IBM  not  forgetting  the  mainframe,  sure, 

IBM  does  a  big  business  in  servers,  open  source  and  other  modern 
products,  but  never  let  it  be  said  that  Big  Blue  is  abandoning  the  main¬ 
frame.  The  company  last  week  unveiled  a  five-year,  S100  million  proj¬ 
ect  to  simplify  System  Z  mainframe  operations  and  adoption. 

<  U.S.  government  thumbs  nose  at 

IT.  Well,  not  exactly.  The  total  value  of  the  top  20  U.S.  gov¬ 
ernment  IT  contracts  in  fiscal  year  2007  will  still  be  $118  bil¬ 
lion,  but  that's  less  than  half  the  value  of  the  top  20  in  2006, 
according  to  market  watcher  Input.  Belt-tightening 
by  Congress  and  the  large  number  of  multiyear  con¬ 
tracts  awarded  last  year  are  among  the  factors 
contributing  to  the  decline. 

Firefox  “joke”  no  laughing  matter,  one  of 

the  hackers  who  demonstrated  exploit  code  for  a  vulnerability  in  the 
way  the  Firefox  browser  handles  JavaScript  at  a  recent  hacker  con¬ 
ference  in  San  Diego  acknowledged  last  week  that  the  presentation 
was  meant  to  be  a  joke,  according  to  the  chief  of  security  for  Mozilla. 
Mozilla  security  researchers  spent  a  couple  of  days  scrambling  to 
determine  if  exploit  code  revealed  during  the  presentation  could  let 
someone  execute  malicious  code  through  a  memory  corruption 
attack  on  Firefox. 


“One  of  our  state’s  most  vener¬ 
able  corporate  institutions  lost 
its  way  as  its  board  sought  to 
find  out  who  leaked  confidential 
information  to  the  press.  In  this 
misguided  effort,  people  inside 
and  outside  of  HP  violated 
privacy  rights  and  broke 
state  law.” 

California  Attorney  General  Bill  Lockyer 

See  story  at  www.nwdocfinder.com/5581 


boardroom  scandal.  Superior  Court  Judge  Alfonso 
Fernandez  scheduled  her  arraignment  for  Nov.  17,  at 
which  time  she  will  enter  a  plea  to  the  charges  in  the 
case.  Also  making  an  initial  court  appearance  earlier 
in  the  day  was  Kevin  Hunsaker,  HP’s  former  ethics 
counsel,  who  surrendered  and  was  booked  and 
scheduled  for  an  arraignment  Dec.  6, according  to  the 
office  of  California  Attorney  General  Bill  Lockyer. 
Three  private  investigators  hired  by  HP  to  investigate 
suspected  leaks  to  news  media  by  HP  directors  were 
also  charged  Wednesday  but  because  they  are  from 
out-of-state,  their  court  appearances  probably  will 
occur  sometime  next  week,  Lockyer’s  office  said. 
Each  of  the  five  defendants  faces  charges  of  fraudu¬ 
lent  wire  communications,  wrongful  use  of  computer 
data,  identity  theft  and  conspiracy. 


rose  75.5%  to  34.7  million  units.  In  contrast,  sales  of 
PDAs  grew  very  slowly  climbing  only  5.7%  to  7.4  mil¬ 
lion  units.  Nokia  could  add  to  its  lead  in  the  second 
half  of  2006  as  it  launches  new  models  of  smart 
phones,  said  Roberta  Cozza,  principal  research  ana¬ 
lyst  for  Gartner. 

Former  HP  execs  face  charges 

■  Former  HP  Chairman  Patricia  Dunn  made  a  brief 
court  appearance  last  week  in  Santa  Clara  County, 
Calif.,  to  face  four  state  felony  charges  in  the  HP 


Seller  of  phone  records  settles 

■  An  Internet  business  that  sold  people’s  telephone 
and  credit-card  records  has  agreed  to  settle  charges 
that  it  violated  federal  law,  the  Federal  Trade 
Commission  said  last  week.  Integrity  Security  & 
Investigation  Services  and  its  owner,  Edmund 
Edmister,  will  give  up  $2,700,  the  entire  amount  the 
company  earned  from  selling  phone  records  and 
credit-card  transaction  reports,  the  FTC  said. The  set¬ 
tlement  also  bars  the  company  from  obtaining  and 
selling  confidential  phone  and  credit  account 
records  unless  authorized  by  law  or  court  order. 


“Why  pay  attention  to  beautiful 
blondes  when  we  have  these 
cool  video  games?” 


Will  Mittelsteadt  of  Cedar  Rapids,  Iowa,  is  the  winner  of  this  week's  contest 
Check  back  every  Monday  for  the  start  of  a  new  round. 
www.networkworld.com/weblogs/layer8 
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Gigabit  Ports  Per  Chassis 


ForcelO  Extreme  Cisco  6509  Foundry 

El 200  BD  10K  w/Sup  720  RX-16 


Check  out  the  industry's  only 
90  port  Gigabit  Ethernet  card. 

Learn  more  at  force10networks.com 
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PEERSAY 

From  our  online  forums 

■  When  IVR  gets  too 
annoying.  A  Dell  customer 
writes  that  he  had  trouble 
using  a  new  interactive  voice 
system  Dell  installed  —  it 
couldn't  deal  with  noise  from 
the  server  room  from  which  he 
was  calling  when  he  had  prob¬ 
lems.  “Each  time  I  finally 
reached  a  tech,  after  being 
asked  'How  can  I  help  you,'  I 
responded,  ‘Dump  the  IVR.'" 
Apparently,  Dell  listened." 
www.nwdocfinder.com/5559 

■  Unrequested  newslet¬ 
ters.  Readers  are  agreeing 
with  columnists  Mark  Gibbs’ 
campaign  against  companies 
that  sign  people  up  for  e-mail 
newsletters.  One  writes:  Any 
company  that  sends  me  a 
newsletter  I  did  not  sub¬ 
scribe  to  gets  added  to  my 
large  and  ever  expanding  list 
of  companies  I  will  NOT  buy 
from." 

www.nwdocfinder.com/5560 

■  Employee  morale.  Are 

some  companies  spending 
too  much  time  counting  up 
the  actual  minutes  worked  by 
employees?  Some 
NetworkWord.com  visitors 
think  so:  “We  have  a  fairly 
productive  workforce  here. 
Our  management  philosophy 
is  that  we  will  not  begrudge 
our  employees  a  little  'stolen' 
time  as  long  as  they  get  their 
work  done  accurately  and  on 
time." 

www.nwdocfinder.com/5561 

&  Help  out  grandma.  A 

grandmother  finds  our  support 
forums  and  posts  that  she's 
having  trouble  getting  her 
cable/DSL  router  to  work  with 
her  new  desktop.  Pitch  in  with 
suggestions. 

www.nwdocfinder.com/5570 


Power  players 

Whom  among  your  colleagues  and 
peers  ilo  you  consider  a  potent  industry 
force,  and  why?  Tell  us  and  well  consid¬ 
er  them  for  our  annual  list  of  the  50 
most  powerful  people  in  networks. 

www.nwdocfinder.cora/5344 
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BLOGOSPHERE 

'Net  stronger  than  terrorists 

Plus:  Networking  costume  contest  and  password  un-protection. 

Battle  of  the  network  blogs.  Welcome  to 
today’s  Internet,  where  everyone  can  and  will 
say  anything  about  anyone  in  their  blogs.  What 
happens  when  they  say  too  much?  Is  there  such 
a  thing?  News  Editor  Paul  McNamara  argues  that 
there  is  a  line  that  should  not  be  crossed, and  his 
Buzzblog  is  getting  a  strong  response  from  an  ex- 
Network  World  columnist  who  thinks  otherwise 
—  and  is  blogging  about  it. 

www.nwdocfinder.  com/5576 

Not  just  for  users.  Here’s  something  to  think  about 
the  next  time  you  yell  at  your  users  to  remember 
to  change  their  passwords:  What  about  admin 
passwords?  A  recent  survey  found  that  while  user 
passwords  get  changed  all  the  time,  the  most 
powerful  administrative  accounts  don’t  change 
passwords  all  that  frequently  Layer  8  reports. 

www.nwdocfinder.com/5577 


Internet  stronger  than  terrorists.  Are  you 

spending  your  time  worrying  about  a  terrorist 
attack  on  the  Internet?  According  to  an  Ohio 
State  University  study  that  simulated  attacks  or 
accidents  knocking  out  parts  of  the  Internet,  the 
network  is  extremely  resilient.  The  Alpha  Doggs 
blog  reports,  www.nwdocfinder.com/5574 

The  first  ever  networking 
costume  contest.  This 
year  we’d  like  to  try  a  little 
something  special  for 
Halloween.  Put  together 
a  costume, stand  in  your 
wiring  closet  and  give  a 
digital  camera  to  your  mar¬ 
keting  person.  Send  pictures  to 
Compendium’s  Adam  Gaffin,who  will  give 
some  cool  stuff  to  the  IT  person  with  the  best 
networking  costume  (and  what  does  that  mean 
anyway?),  www.nwdocfinder.com/5575 


Hot  Seat  interviews,  the  coolest  tools,  and  more 


Hot  Seat 

Desktop 
support 
without  a 
client. 


Networkstreaming  founder 
Joel  Bomgaars  talks  with 


John  Gallant  about  the  ben¬ 


efits  of  remote  support 
delivered  through  an  appli¬ 


ance. 

www.nwdocfinder.com/5567 


Cool  Tools: 

Top  5 
Demo 
moments. 

Keith 

Shaw  presents  his  awards 
of  his  favorite  demonstra¬ 
tions,  including  the  award 
for  “Best  use  of  a 
Vegetable”  and  “Best 
Fakeout”. 

www.nwdocfinder.com/5568 


Podcast:: 

Twisted 
Pair. 

Jason 
Meserve 
and  Keith  Shaw  chat  about 
the  IT  worker  shortage,  the 
HP  indictments  and  how 
many  decimal  places  that 
they  can  remember  for  pi. 
www.nwdocfinder.com/5569 


ASK  THE 

HELPDESK  Find  the  answers  to  these  prickly  problems  online. 

This  week:  An  international  problem. 


Help  desk  guru  Ron  Nutter  helps  a  user  with 
an  internationalization  issue  —  an  overseas 
user  can’t  access  the  company  Web  site. 

Help  desk  response: 
www.nwdocfinder.com/5562 

Analyst  Robin  Gareiss  looks  at  the  benefits  of 
hosted  backup.  Help  desk  response: 
www.nwdocfinder.com/5563 


Security  newsletter  writer  M.E.  Kabay  takes  a 
look  at  new  federal  guidelines  for  computer 
forensics. 

Help  desk  response: 
www.nwdocfinder.com/5564 

Columnist  Linda  Musthaler  examines  biomet¬ 
ric  authentication. Help  desk  response: 
www.nwdocfinder.com/5565 


l^-^l  BEST  OF  NWS 

Bank  details 
experiences 
with  metro 
Ethernet 
services 


Wide-area  networking:  A 

reader  from  the  National  Bank 
of  Florida  writes:  “Last  year  we 
began  to  consider  metro 
Ethernet  to  replace  our  frame 
relay  network.  We  were  also 
planning  on  implementing  a 
new  VoIP  system  to  replace  our 
legacy  PBXs.When  we  looked  at 
the  pricing  for  the  bandwidth, 
and  almost  all  of  our  sites  quali¬ 
fied,  it  was  a  no-brainer.  How¬ 
ever,  the  implementation  has 
not  been  an  easy  process.” 
www.nwdocfinder.com/5531 

New  data  center:  Analyst 
Andreas  M.Antonopoulos 
reports  on  Nemertes  Research’s 
recent  research  on  data  centers, 
which  found  that  respondents 
use  a  combination  of  free,  open 
source  and  commercial  tools  to 
manage  their  data  centers. 
www.nwdocfinder.com/5532 

Storage  in  the  enterprise: 

Fresh  from  attending  Storage 
World  Conference  in  Boston, 
EMA  Senior  Analyst  Mike  Karp 
runs  through  some  storage  start¬ 
ups  at  the  show,  including  Siafu, 
which  makes  iSCSI  appliances 
for  small/midsize  businesses 
and  enterprises,  and  lays  claim 
to  an  aggressive  pricing  struc¬ 
ture. 

www.nwdocfinder.com/5533 

Convergence:  In  this  week’s 
two  Convergence  newsletters. 
Analysts  Steve  Taylor  and  Larry 
Hettick  explain  how  VoIP  quality 
is  different  depending  on 
whether  you  are  using  the  public 
Internet  vs.  a  private  IP  network. 
Read  Parts  1  and  2  of  this  report. 
www.nwdocfinder.com/5534 


Free  e-mail  newsletters 

Sign  up  tor  any  of  more  than  40 
newsletters  on  key  network  topics. 

www.nwdocfinder.com/1002 
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_DAY  34:  This  indecision  is  sinking  the  business. 

How  do  we  move  to  a  service  oriented  architecture? 
Where  do  we  start?  Can  we  reuse  what  we  have? 

_Inf restructure  quicksand!!  We  waited  too  long.  I’d 
throw  Gil  my  tie,  but  it’s  a  clip-on. 

_DAY  37:  A  lifeline:  IBM  WebSphere  middleware!  It’s 
already  helped  thousands  of  customers  build  an  SOA. 
Adapters  give  us  a  standardized  approach  to  integrating 
apps  from  SAP,  Oracle  and  others.  And  it  lets  us  reuse 
what  we  have,  saving  time  and  money. 


_0h,  great.  There’s  sand  in  my  yogurt. 


Download  the  reuse  and  connectivity  kit  at: 

IBM.COM/TAKEBACKCONTROL/CONNECT 


WebSphere 
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ntipfiishing  efforts  try  to  keep  pace 


BY  CARA  GARRETSON 

While  many  experts  say  phish- 
ers  will  continue  to  stay  one  step 
ahead  of  even  advanced  preven¬ 
tive  measures,  some  security  com¬ 
panies  are  developing  new  ways 
to  keep  the  public  informed 
about  fraudulent  Web  sites  and 
cut  down  on  scams. 

These  initiatives  are  designed  to 
fight  phishing  by  providing  help¬ 
ful  data  to  ISPs,  e-mail  security 
firms  and  antimalware  vendors 
whose  products  are  designed  to 
protect  their  customers  from 
cybercrime,  as  well  as  the  finan¬ 
cial  institutions  and  online  retail- 


Tricky  phishers 

Some  examples  of  more 

sophisticated  phishing 

attacks: 

•  E-mails  that  ask  recipients  to 
confirm  or  cancel  an  eBay  bid, 
hoping  the  recipient  will  think  the 
e-mail  was  sent  in  error  and  click 
through  to  a  fraudulent  Web  site 
in  attempts  to  fix  it. 

•  E-mails  that  claim  to  be  from 
charitable  organizations  or  hotel 
affinity  programs,  not  the  typical 
financial  institutions  or  online 
retailers  that  are  usually  the 
brands  spoofed. 

•  E-mails  that  try  to  get  access  to 
players  of  Massively  Multiplayer 
Online  Role-Playing  Games,  such 
as  World  of  Warcraft,  in  attempts 
to  turn  virtual  artifacts  and  in¬ 
game  money  into  real  cash. 

SOURCE:  REPORTS  FROM  SECURITY 

VENDORS 

ers  whose  Web  sites  are  mimicked 
by  fraudulent  ones. 

Meanwhile,  the  fight  against 
phishing  also  is  playing  out  on  the 
desktop,  as  tools  to  keep  Web 
users  from  visiting  fraudulent  sites 
become  more  prominent.  For  ex¬ 
ample,  the  next  version  of  Internet 
Explorer  will  include  the  Phishing 
Filter,  designed  to  warn  users  if 
they  visit  a  fraudulent  Web  site, 
according  to  Microsoft  officials. 
The  next  version  of  the  Firefox 
browser  is  expected  to  have  a  sim¬ 
ilar  feature. 

Yet  by  the  time  these  upgrades 
are  widely  adopted,  phishers 
will  have  found  ways  around 
the  blocking  mechanisms,  one 
analyst  says. 


“Phishing  attacks  as  we  know 
them  will  go  away,  but  I’m  sure 
[phishers]  will  come  up  with 
something  else,” says  Avivah  Litan, 
a  vice  president  at  Gartner. 

“I  think  it’s  spy  vs.  sp^’  echoes 
Todd  Bransford.vice  president  of 
marketing  with  antiphishing  ven¬ 
dor  Cyveillance.  “We  see  more 
variants  of  phishing  as  the  bad 
guys  get  more  creative  and  come 
up  with  new  ways  to  circumvent 
security  .  .  .  they’re  just  different 
enough  so  that  they’re  not  recog¬ 
nized  by  the  security  efforts.”  (See 
chart,  page  13.) 

Among  the  new  initiatives  de¬ 
signed  to  fight  phishing  is  an  offer¬ 
ing  from  Cyveillance,  whose  ser¬ 
vice  is  used  by  financial  institu¬ 
tions,  online  retailers  and  other 
companies  to  protect  their  brand 
on  the  Web.  Last  week  the  compa¬ 
ny  announced  it  will  make  its  data 
regarding  phishing  sites  available 
for  reuse  by  other  vendors. 

The  OEM  Content  Program  is 
designed  for  ISPs  and  security 
companies  that  need  to  block 
users  from  phishing  sites,  Brans- 
ford  says. This  phishing  data  from 
Cyveillance  is  used  by  AOL  and 
Microsoft  with  their  ISP  offerings. 

The  company’s  crawlers  and 
agents  constantly  scour  the  Web 
for  misuse  of  its  clients’  brands, 
and  often  discover  fraudulent 
sites.  With  the  new  offering,  Cy¬ 
veillance  will  make  this  informa¬ 
tion  available  to  companies  that 
interact  directly  with  users  to  help 
protect  them  from  these  sites, 
Bransford  says.  The  information 
provided  via  this  service  is 
backed  by  a  no-false-positives  ser¬ 
vice-level  agreement. 

Cyveillance  competitor  Mark- 
Monitor  late  last  month  an¬ 
nounced  a  private-label  desktop 
application  that  it  will  sell  to  finan¬ 
cial  institutions  looking  to  offer 
their  customers  protection 
against  fraudulent  sites.  Called 
Trust  Guard  for  Financial  Services, 
the  software  performs  real-time 
heuristics  and  contextual  analysis 
to  decide  if  a  Web  page  is  fraudu¬ 
lent  and  also  checks  sites  against 
the  MarkMonitor’s  own  black  list. 

The  software  is  available  as  a 
stand-alone  application  or  can 
be  integrated  into  existing  appli¬ 
cations  and  toolbars.  Financial 
institutions  can  rebrand  the  soft¬ 
ware  and  distribute  it  directly  to 
their  customers. 


This  week  Tipping  Point,  a  divi¬ 
sion  of  3Com,  plans  to  announce 
a  Firefox  browser  add-in  designed 
for  use  by  cybercrime  investiga¬ 
tors,  network  operators  and  secu¬ 
rity  companies  that  provides 
instant  information  about  the  Web 
site  the  user  is  visiting.  Called 
Monkeyspaw  and  based  on  open 
source  code,  the  tool  aims  to  help 


security  professionals  analyze 
and  report  fraudulent  sites,  says 
Tod  Beardsley  lead  counterfraud 
engineer  with  Tipping  Point. 

Monkeyspaw  provides  infor¬ 
mation  such  as  the  IP  address  of 
a  Web  server,  its  configuration 
information  and  its  geographi¬ 
cal  location  —  data  that  can 
prove  helpful  in  determining 


whether  a  site  is  valid.  While  this 
information  can  be  obtained  by 
some  digging,  Monkeyspaw  pre¬ 
sents  it  quickly  and  clearly, 
Beardsley  says.The  tool  also  can 
be  used  to  report  a  fraudulent 
site  to  CastleCops’  Phishing 
Incident  Reporting  and 
Termination  Squad,  which  takes 
down  phishing  sites.B 


WiMAX  puts  down  roots 
in  Canadian  farming  town 

As  big  players  gather  for 
WiMAX  conference, 
start-up  shows  the  way. 


BY  JOHN  COX 

Hanna,  Alberta,  has  2,996  people,  16  restaurants,  10 
churches,  seven  motels  and  six  WiMAX  towers. 

This  rural  farming  town  about  two  hours  northeast 
of  Calgary  on  Canada’s  ocean  of“short-grass  country/’ 
is  on  the  cutting  edge  of  fixed  broadband  wireless 


Mobile  WiMAX,  based  on  the  802. 16e  standard  and 
not  due  for  deployment  until  late  in  2007,  will  sup¬ 
port  roughly  similar  data  rates,  but  at  shorter  ranges 
compared  with  16d,to  client  devices  in  vehicles.That 
is  analogous  to  the  kind  of  mobility  you  get  with  cel¬ 
lular  voice  calls  today  But  the  WiMAX  Forum  hasn’t 
released  the  mobile  profiles  used  to  bolster  vendor 
interoperability  And  the  16e  standard  is  going 
through  an  extensive  formal  process  to  correct  errors 
and  inconsistencies. 

Issues  like  security  and  service-level  agreements 


M With  WiMAX  as  a  standard,  it’s  easier  for 
subscribers  [users]  to  set  up  their  own  equip¬ 
ment,  compared  to  proprietary  broadband  wire¬ 
less,  which  is  far  more  complex  to  set  up.W 

Terry  Duchcherer,  president  and  founder,  Netago  Wireless,  Hanna,  Alberta 


deployment  in  North  America. 

At  this  week’s  WiMAX  World  conference  in  Boston, 
multimillion-dollar  chip  vendors,  equipment  build¬ 
ers,  carriers  and  network  providers  plan  to  promise 
to  do  what  a  tiny  start-up,  Netago  Wireless,  (www.nw 
docfinder.com/5572)  has  begun  in  Hanna:  deploy 
Nortel  base  stations  and  customer  premises  gear 
(called  subscriber  stations)  with  radios  based  on  the 
IEEE  802. 16d  fixed  WiMAX  standard. 

Netago’s  plan  and  early  experience  suggest  the 
future  development  of  fixed  WiMAX  in  much  of 
North  America:  affordable,  multigigabit  data  services 
in  areas  where  alternative  technologies  such  as  fiber¬ 
optic  networks  and  3G  wireless  are  lacking,  inferior 
or  costly 

The  value  is  access 

“Access  is  the  value  in  WiMAX  —  the  last-mile  con¬ 
nections,”  says  Tara  Howard,  an  analyst  in  the  broad¬ 
band  access  technologies  unit  of  the  Yankee  Group. 
But  activity  in  the  United  States  for  fixed  WiMAX  is 
much  less  than  elsewhere  in  the  world,  she  says. 
AT&T  announced  a  WiMAX  trial  last  year,  for  back¬ 
haul  and  disaster-recovery  applications,  and  that  trial 
is  ongoing. 


may  cause  big  enterprises  to  delay  the  WiMAX 
embrace,  Howard  says.“It  might  be  good  for  certain 
remote  workers,  and  smaller  businesses  may  find 
cost  advantages  in  using  WiMAX  services  compared 
to  expensive  T-l  connections,”  she  says. 

Netago,  founded  three  years  ago  by  its  president, 
Terry  Duchcherer,  has  about  70  WiMAX  customers. 
Most  are  residential,  but  a  few  are  energy  companies 
that  are  wringing  oil  and  gas  from  beneath  the 
region’s  fields  of  wheat,  barley  and  rye. 

The  WiMAX  opportunity 

Duchcherer  has  worked  for  telecom  companies 
since  1981.  Then  in  2002  he  saw  the  start  of  the 
provincewide  Alberta  SuperNet  (www.nwdocfinder. 
com/5573),  a  high-capacity  fiber  backbone  intended 
to  link  government  agencies, schools  and  hospitals  to 
the  Internet.  And  he  saw  an  opportunity  “The  back¬ 
bone  doesn’t  do  the  last-mile  [connection] ,”  he  says. 
“That’s  left  to  private  enterprise.”  It  was  the  opportuni¬ 
ty  to  bring  high-speed  Internet  access  to  rural  homes 
and  businesses  by  using  broadband  wireless. 

Initially, in  2005, Netago  provided  a  data  connection 
via  proprietary  radio  gear  as  a  stopgap  until  the 

See  Netago,  page  13 
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.INFRASTRUCTURE  LOG 

_DAY  44:  This  lack  of  productivity  is  out  of  control. 
What  we’re  using  isn’t  working.  Gil’s  had  enough. 

He  moved  everyone  into  one  cubicle.  A  “collaboration” 
cubicle.  We  need  a  better  idea. 

_DAY  46:  I’m  going  with  IBM  Lotus®  Notes®  and  Domino! 
It’s  more  than  e-mail;  it’s  an  open  platform  designed 
for  collaboration.  It  has  proven  security  features  and 
productivity  enhancers  like  document  sharing  and  custom 
app  development.  And  it’s  flexible  enough  to  integrate 
across  multiple  platforms,  including  J2EE™  and  Linux! 

_0K,  who  sat  on  my  lunch? 
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These  energy  efforts  are  hot,  hot,  hot 


BY  JENNIFER  WEARS  AND  DENI  CONNOR 

As  heat,  power  and  cooling  rise  to  the  top  of  the  list  of 
concerns  for  data  center  managers,  there  are  a  growing 
number  of  initiatives  aimed  at  helping  enterprises  reduce 
electricity  consumption  and  increase  efficiency  of  their 
technology  infrastructures. 

These  initiatives  come  at  a  good  time  as  energy  costs 
skyrocket.  Gartner,  for  example,  estimates  that  energy  bills 
traditionally  have  accounted  for  less  than  10%  of  an  over¬ 
all  IT  budget  but  soon  could  account  for  more  than  half. 

Gartner  analysts  advise  enterprises  to  make  the  most 
efficient  use  of  existing  systems  with  technologies  such  as 
workload  balancing  and  virtualization,  and  to  plan  for 
greener  data  center  designs  in  the  years  ahead. 

Data  center-focused  energy  initiatives  should  help  enter¬ 
prises  set  their  path  as  they  choose  more  energy-efficient 
components,  analysts  say  What  follows  are  some  recent 
initiatives  that  IT  managers  should  be  watching: 

80  Plus 

Sponsored  by:  Northwest  Energy  Efficiency 
I  Alliance  and  Ecos  Consulting 

Description:  An  electric  utility-funded  program  that  pro¬ 
vides  incentives  to  manufacturers  to  use  more  energy- 
efficient  power  supplies  into  desktop  computers  and 
servers.  The  80  Plus  power  supply  is  80%  or  more  energy 
efficient  at  20%,  50%  and  100%  of  rated  load  with  a  true 
power  factor  (which  is  the  real  power  divided  by  the  total 
apparent  power)  of  0.9  or  greater.  As  many  as  20  power 
supply  manufacturers  have  submitted  products  for  certifi¬ 
cation  to  80plus.org.  Eight  states  are  members  of  80  Plus. 

Impact:  Large  commercial  businesses  are  expected  to 
specify  80  Plus  in  their  procurement  policies  as  more 
manufacturers  adopt  it. 

Who  is  affected:  Any  U.S.  business. 

When  implemented:  Now. 

ASHRAE  Standards 

Sponsored  by:  American  Society  of  Heating, 
B  Refrigerating  and  Air  Conditioning  Engineers 

Description:  ASHRAE  has  some  87  standards  that 
address  uniform  methods  of  testing  equipment  for  rating 
purposes;  describe  recommended  practices  in  designing 
and  installing  equipment;  specify  indoor  air  quality,  ther¬ 
mal  and  energy  conservation;  and  recommend  the  safe 
use  of  refrigerants.  ASHRAE  oversees  technical  advisory 
groups  in  the  American  National  Standards  Institute 
involved  with  refrigeration  and  air  conditioning,  solar 
energy  and  building  environmental  design. 

Impact:  ASHRAE  standards  have  been  adopted  by  any 
IT  professional  who  is  a  part  of  the  55,000-member 
ASHRAE. 

Who  is  affected:  Data  center  designers  and  managers. 

When  implemented:  Now. 

Fault  Tolerant  Power  Compliance 

Specifications  and  Cooling 
B  Compatibility  Specification 

Sponsored  by:  The  Uptime  Institute 

Description:  The  Fault  Tolerant  Power  Compliance  Spec¬ 
ifications  refer  to  computers  that  receive  AC  input  from 
two  AC  power  sources.  It  is  to  provide  fault-tolerant  oper¬ 
ation  when  receiving  power  from  a  single  source  or  both 
sources.  The  Cooling  Compatibility  Specification  applies 
to  a  computer  or  communications  equipment  and  speci¬ 
fies  that  it  is  capable  of  maintaining  a  consistent  internal 


temperature  regardless  of  where  it  is  positioned  in  the 
data  center  or  installed  with  products  from  different  man- 
ufacturers.The  specification  assumes  that  equipment  will 
be  configured  in  hot/cold  aisles  on  the  raised  floors  of 
data  centers  (www.nwdocfinder.com/5583). 

Impact:  The  Uptime  Institute  is  a  well-respected  organi¬ 
zation.  Its  members,  which  include  American  Express,  JP 
Morgan  Chase, Verizon,  HPBoeing  and  United  Airlines,  are 
likely  to  look  to  its  recommendations  when  they  design 
computer  gear  or  when  they  implement  it. 

Who  is  affected:  Anyone  who  buys  computers  certified 
by  the  Uptime  Institute. 

When  implemented:  Now. 

Google  PSU  Standard 

Sponsored  by:  Google,  working  with  Intel 
I  Description:  Google  is  proposing  a  new  12-volt 
standard  for  power  supplies  that  support  PCs  and  low-end 
servers  (www.nwdocfinder.com/5584),  eliminating  today’s 
multivoltage  power  supply  units  (PSU),  which  Google  says 
provide  too  much  power  and  waste  30%  to  45%  of  their 
energy  By  using  Google’s  proposed  standard,  which  the 
search  engine  giant  uses  internally  to  cut  costs,  enterprises 
could  reduce  energy  waste  to  just  10%,  Google  says. 

Impact:  Google  estimates  that  its  12v  PSU  standard,  if 


deployed  in  100  million  PCs  running  for  an  average  of 
eight  hours  per  day,  would  save  40  billion  kilowatt-hours 
over  three  years,  or  more  than  $5  billion  at  California 
energy  rates. 

Who  is  affected:  All  U.S.  PC  and  server  vendors. 

When  implemented:  Uncertain;  Google  presented  a 
white  paper  outlining  its  proposal  at  the  Intel 
Developer  Forum  in  September,  and  is  working  with 
Intel  and  other  partners. 

The  Green  Grid 

Sponsored  by:  Advanced  Micro  Devices 
|  (AMD),  HP  IBM,  Sun,  Environmental  Protection 
Agency  (EPA)  and  the  Alliance  to  Save  Energy 

Description:  With  vendor,  user  and  analyst  input,  the 
Green  Grid  aims  to  collect  best  practices  in  data  center 
operation,  construction  and  design,  and  issue  recommen¬ 
dations  for  energy-efficient  IT. 

Impact:  Enterprises  are  expected  to  use  Green  Grid  rec¬ 
ommendations  in  designing  data  centers. 

Who  is  affected:  Any  U.S.  business. 

When  implemented:  The  Green  Grid  was  formed  in  the 
spring;  first  recommendations  have  not  yet  been  issued. 

See  Power,  page  16 


ESoft  revamps  security  systems 


Gateway  protection 

ESoft's  6  intrusion-prevention  and  content-filtering  appliances: 

InstaGate  Integrated  Gateway 

(Includes  firewall  and  VPN,  with  options  for  antivirus,  antispam,  antispyware  filtering.) 

•  Model  404:  Four  Fast  Ethernet  interfaces;  150Mbps  firewall,  80Mbps  VPN,  40GB 

hard  drive.  Starts  at  $2,000.  _ 

•  Model  604:  Four  Gigabit  Ethernet  interfaces;  300Mbps  firewall;  160Mbps  VPN; 
80GB  Internet  hard  drive.  Starts  at  $3,000. 

•  Model  806:  Six  Gigabit  Ethernet  interfaces;  750Mbps  firewall;  400Mbps  VPN; 
dual  120GB  hard  drive.  Starts  at  $5,000. 


ThreatWall  Content  Security  Gateway 

(Unified  threat  management  appliances  for  intrusion  prevention  and  content  filtering.) 

•  Model  250:  Four  Fast  Ethernet  interfaces;  processes  as  many  as  7,500  e-mails 
per  hour;  40GB  hard  drive;  options  include  instant  messaging  and  peer-to-peer 
network  control.  Starts  at  $2,300. 

•  Model  450:  Four  Gigabit  Ethernet  interfaces;  processes  as  many  as  20,000 
e-mails  per  hour:  80GB  hard  drive;  options  include  IM  and  peer-to-peer  network 
control.  Starts  at  $3,300. 

•  Model  650:  Eight  Gigabit  Ethernet  interfaces;  processes  as  many  as  75,000 
e-mails  per  hour;  dual  120GB  hard  drive;  LAN  bypass  for  safe  failover;  options 
include  IM  and  peer-to-peer  network  control.  Starts  at  $6,000. 


BY  ELLEN  MESSMER 

Security  vendor  eSoft  this  week  plans  to 
announce  six  gateway  intrusion-prevention 
system  and  content-filtering  appliances  that 
the  company  says  significantly  boost  speed 
and  processing  power  compared  to  the  com¬ 
pany’s  current  security  models. 

The  three  new  models  of  the  InstaGate 
Integrated  Gateway  are  firewall/VPN  IPSs  sup¬ 
porting  speeds  of  as  much  as  750Mbps;  they 
replace  the  lower-speed  InstaGate  305  family 
which  topped  out  at  a  speed  of  MOMbps.The 
three  new  models  of  the  eSoft  ThreatWall 
Content  Security  Gateway  can  filter  as  many 
as  75,000  e-mails  per  hour;  they  replace  cur¬ 
rent  ThreatWall  appliances  that  process  as 
many  as  6,500  e-mails  per  hour. 

The  InstaGate  404,  604  and  806  models  are 
unified  threat  management  (UTM)  devices 
that  combine  firewall,  IPS,  antivirus  filtering 
and  other  content-filtering  options  into  a  sin¬ 
gle  hardware  appliance. 

Scott  Lukes,  vice  president  of  marketing 
and  product  development  at  eSoft,  says  the 
company  has  developed  its  own  antivirus 
technology  but  relies  on  Aluria  for  antispy¬ 
ware  filtering. 

Among  eSoft’s  competitors  in  gateway 
defense  are  Cisco,  Symantec,  McAfee,  SonicWall  and 
Juniper. 

The  ThreatWall  models  250,450  and  650  are  antispam  fil¬ 
tering  appliances  that  include  antivirus  and  antispyware 
options  and  block  instant  messaging  (IM)  and  peer-to-peer 
file  sharing. 

Tim  Taylor,  IT  director  at  Good  Times  Restaurants,  a 


nationwide  chain  based  in  Golden,  Colo.,  a  few  weeks  ago 
swapped  out  an  older  InstaGate  for  the  Model  806  to  filter 
out  spam  and  spyware  at  the  Internet  perimeter  on  behalf 
of  employees  at  its  headquarters. 

“We  use  it  as  an  all-in-one  appliance,”  Taylor  says.  “The 
newer  InstaGate  model  gives  us  better  speed,  and  Web  con¬ 
tent  seems  to  be  available  faster  with  it.”  ■ 


Bringing  fixed  WiMAX  to  rural  Alberta 

i MAX  net 

((# 


Service  provider  Netago's  WiMAX  network  links  businesses,  residential  users  and  mobile 
workers  to  fiber  backbone. 

. . WiMAX  subscriber  station 

Nortel  WiMAX  base  station 


Laptop  with  WiMAX 
802.16  adapter 


with  802.11  Wi-Fi  interface 

■ftfr 


LAN  switch 


Laptop  with  WiMAX 
802.16  adapter 


Netago 

continued  from  page  10 

IEEE  standard  was  finalized  and 
vendors  began  delivering 
WiMAX  gear. 

“One  of  the  hugest  reasons  we 
were  looking  at  WiMAX  was 
because  our  government  part¬ 
ner  is  easy  to  sell  to  when  we 
can  say, ‘We’re  using  a  standards- 
based  technology.’  They  don’t 
have  to  worry  about  [being 
locked  into]  a  single  vendor,” 
Duchcherer  says. 

He  also  wanted  a  radio  tech¬ 
nology  that  made  use  of  licensed 
spectrum,  in  this  case  the  3.5-GHz 
band,  which  is  not  available  in 
the  United  States  for  commercial 
use.The  WiMAX  standard  can  use 
numerous  licensed  and  unli¬ 
censed  bands. 

“Moving  from  unlicensed  pro¬ 
prietary  equipment  to  licensed 
WiMAX  removes  all  [potential] 
interference  issues  for  us,”  he  says. 
Radio  users,  whether  rival  carriers 
or  private  enterprise, “just  plain  are 
not  allowed  to  use  our  spectrum,” 
he  says. 

Netago  set  up  the  first  three 
Nortel  WiMAX  towers  in  early 
2006  and  has  just  added  three 
more.  Eventually,  says  Duch¬ 
cherer,  Netago  with  Nortel,  under 
a  contract  with  the  Alberta 
Special  Areas  Board,  will  blanket 
some  8,000  square  miles  with 


WiMAX  data  and  eventually 
voice  services. 

Multigigabit  and  affordable 

Customers  today  can  select 
from  three  data  plans,  delivering 
uplink  speeds  of  1.5M  to  3Mbps, 
and  downlink  speeds  of  about 
512Kbps. 

The  plans  are  priced  from  $35  to 
$150.  Duchcherer  says  that’s  “fairly 
comparable  to  DSL  service.” 

The  speeds  are  a  big  im¬ 
provement  over  the  dial-up  con¬ 
nections  users  in  the  area  were 
relying  on. 

Ranges  vary  but  with  good  line 
of  sight  to  the  base  station  a  sub¬ 
scriber  radio  can  get  the  maxi¬ 
mum  data  rate  at  up  to  15  miles 
away 

Most  customers  today  use  an 
outdoor  subscriber  station,  about 
12  inches  square,  mounted  on  the 
side  or  roof  of  a  building.  In  the 
future,  indoor  units  will  be  avail¬ 
able,  similar  in  concept  to  a  DSL 
or  cable  modem  today.  “With 
WiMAX,  it’s  easier  for  subscribers 
to  set  up  their  own  equipment 
compared  to  proprietary  radios, 
which  are  far  more  complex  to  set 
up,”  Duchcherer  says. 

Today,  a  Netago  technician 
mounts  the  outdoor  subscriber 
unit  and  powers  it  up.  It  starts 
scanning  for  the  nearest  base 
station,  identifies  itself,  and  a 
server  in  Netago’s  network  oper¬ 


ations  center  then  downloads 
the  appropriate  configuration 
data. 

“With  self-install  home  units  [in 
the  future],  subscribers  will  be 
able  to  plug  it  in,  fire  it  up,  and 
then  from  our  NOC,  we  can  con¬ 
figure  that  radio  and  give  them 
service  in  a  matter  of  minutes.  In 
either  case,  the  NOC  can  remotely 
monitor,  troubleshoot  and  man¬ 
age  the  subscriber  radio.” 

Next:  Nomadic  computing 

Duchcherer  plans  to  market 
Netago’s  WiMAX  service  to 
mobile  workers,  most  of  the 
booming  oil  patch.  There  are 
hundreds  of  such  potential  users, 


with  laptops  cabled  to  cell 
phones  as  modems,  struggling 
with  expensive  and  spotty  CDMA 
IX  cellular  data  services.  “It’s  not 
that  much  faster  than  dial-up,”  he 
says. 

Nortel’s  installation  engineers 
have  already  almost  by  accident, 
proved  the  viability  of  Netago’s 
WiMAX  service  for  such  nomadic 
users.  Last  January,  not  wanting  to 
troubleshoot  and  configure  the 
base  stations  outdoors  in  the  bit¬ 
ter  cold,  the  engineers  tossed  one 
of  Nortel’s  indoor  WiMAX  sub¬ 
scriber  units  onto  the  dashboard 
of  their  pickup  truck.  They  used 
an  Ethernet  cable  to  connect  a 
laptop  and  then  drove  all  over 


with  it,  testing  the  bandwidth. 
With  good  line  of  sight  to  the 
base  station,  they  held  onto  data 
rates  of  2M  to  3Mbps  up  to  10 
miles  away  Duchcherer  says. 

While  Sprint  Nextel  and 
Clearwire  in  the  United  States 
have  announced  plans  to 
deploy  802. 16e  mobile  WiMAX 
networks,  at  a  cost  of  billions, 
Duchcherer  doesn’t  have  simi¬ 
lar  plans.“The  thing  about  16e  is 
the  shorter  range,”  he  says.  “On 
handheld  devices,  this  will  drop 
to  three  to  four  kilometers.  And 
16e  radios  are  likely  to  be  con¬ 
siderably  more  costly  [initially]. 
For  our  target  businesses,  that’s 
not  on  our  radar  screen.”H 
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Nielsen 

continued  from  page  1 

measure  TV  viewing  habits  in  more  than 
40,000  Nielsen  homes.“But  how  do  you  mea¬ 
sure  what’s  on  a  video  iPod  at  38,000  feet  on 
an  airplane’s  fold-down  tray?” 

The  demand  for  this  new  data  is  changing 
how  Nielsen  collects  and  processes  its  rat¬ 
ings  numbers,  which  each  year  drive  TV 
advertising  and  programming  worth  $70  bil¬ 
lion  and  determine  what  soars  and  bombs 
in  show  business. 

Anywhere  metering 

Over  the  years,  keeping  up  with  video  tech¬ 
nology  has  been  a  challenge  for  Nielsen,  Luff 
says.The  company’s  traditional  technology 
for  tracking  TV  viewing  involved  set-top  boxes 
—  called  People  Meters  —  which  recorded 
what  channels  were  watched  and  when. This 
technology  used  physical  taps  and  probes 
wired  into  a  TV  or  cable  box  to  read  channel 
numbers  or  the  UHF/VHF  frequency  of  the 
set.  Analog  modems  in  the  back  of  the 
Nielsen  People  Meter  provided  nightly  phone 
calls  to  a  data  center  where  information  on 
viewing  events  —  every  minute  of  TV 
watched,  including  channel  changes  —  was 
deposited  at  2  a.m. 

The  increasing  complexity  of  home  elec¬ 
tronics,  and  new  technologies  such  as 
time-shifted  viewing  via  TiVo,  forced 
Nielsen  to  come  up  with  new  ways  to 
identify  what  people  were  watching,  and 
when.  Nielsen  worked  with  TV  broadcast¬ 
ers  to  invent  two  technologies  that  let  its 
meters  recognize  when  a  show  is  playing, 
based  on  signals  hidden  in  the  audio.  One 
method,  called  psychoacoustic  encoding 
(see  story  at  www.nwdocfinder.com/5424), 
injects  a  digital  time  stamp  and  program 
title  —  or  “active  signature” —  into  the 
audio  tracks  of  TV  shows  as  they  are 
broadcast.  Another  technique,  called  pas¬ 
sive  signatures,  creates  a  kind  of  audio  fin¬ 
gerprint  for  TV  shows;  a  split-second  sam¬ 
ple  of  audio  is  digitized,  creating  a  unique 
signature,  which  also  can  be  recognized 
by  metering  equipment. 

These  two  types  of  signatures  will  also  allow 
Nielsen  to  tap  into  the  viewing  habits  of 
mobile  video  users,  or  even  those  watching 
regular  TV  outside  the  home. 

One  gadget  in  the  works  is  the  Go  Meter, 
which  some  Nielsen  participants  next  year 
will  begin  to  carry  with  them  throughout 
the  day. 

!i  you  think  [iPod]  Nano, you’re  pretty  close 
to  .'/fiat  the  Nielsen  Go  Meter  will  look  like” 
Luff  says.ihe  device  samples  the  ambient 
audio  surrounding  the  user  and  searches  for 
the  psychoacoustic  codes  embedded  in  TV 
programs.  Recognized  signatures  are  logged 
and  stored  in  flash  memory  in  the  Go  Meter. 
The  gadget’s  docking  station  —  similar  to  a 
PDA  or  iPod  cradle  —  recharges  it  at  night 
and  uploads  the  day’s  codes  during  the 
2  a.m.  data  deluge  via  a  modem. 

A  smaller  monitoring  device  is  in  the  works 


for  video  iPods  or  smart  phones  that  can  play 
video. The  Solo  Meter  —  also  due  to  hit  next 
year  —  is  about  the  size  of  a  triple-A  battery 
and  sits  between  the  earphone  jack  on  an 
audio  device,  and  the  headphone  jack.  The 
Solo  Meter  intercepts  audio  between  the  iPod 
line-out  jack  and  the  head  phones,  and  stores 
only  the  audio  signatures  that  are  identified 
in  flash  memory 

In  measuring  eyeballs  glued  to  cell  phone 
video  screens,  Nielsen  is  eliminating  even  the 
cradles  that  power  up  and  download  data 
from  devices.  Software  developed  by  the 
company  that  runs  on  smart  phones  lets  the 
devices  call  Nielsen’s  data  center  directly 
over  the  cellular  network,  delivering  data  on 
what  the  user  watched  while  riding  the  bus  or 
waiting  in  line  at  the  bank  that  day 

“If  we  can’t  measure  all  video  watched  in 
a  household,  then  we  have  to  abandon  that 
household,”  Luff  says.The  theory  goes  like 
this:  If  dad,  mom  and  sister  are  watching 


While  Nielsen  Media  Research  traditionally  gath¬ 
ered  data  from  its  People  Meter  device  (above) 
attached  to  living  room  TV  sets,  the  company  has 
developed  the  Solo  Meter  (top  right)  to  measure 
what  people  watch  on  portable  video  devices. 


ABC,  FOX  and  CBS  on  separate  TVs  in  a 
house,  but  brother  is  watching  streamed 
NBC  shows  on  the  Web,  the  data  for  that 
family  would  not  be  valid. 

To  meter  streamed  shows  on  the  Internet, 
Nielsen  has  developed  a  software  agent  that 
would  be  downloaded  onto  Nielsen  ratings 
participants’  PCs  and  would  report  to  Nielsen 
the  streamed  network  TV  content  watched  on 
that  PC.  Luff  says  this  could  extend  someday 
to  nontraditional  streamed  video,  such  as 
content  from  YouTube. 

Nielsen  also  is  starting  to  tap  into  video  on 
demand  (VOD)  servers  that  cable  and 
phone  providers  are  installing  to  provide  on- 
demand  programming  to  subscribers.  Be¬ 
cause  VOD  programs  are  not  watched  on  a 
particular  schedule,  and  the  content  con¬ 
tains  no  active  or  passive  audio  codes  recog¬ 
nizable  by  Nielsen’s  gear,  the  company 
created  software  that  runs  on  VOD  servers 
on  providers’  networks,  which  send  logs  to 
Nielsen’s  data  center  containing  what  was 
watched  and  when. 

Data  center  growth 

Winter  Corp.,a  research  firm  that  surveys 
the  largest  databases  in  the  world,  usually 


ranks  Nielsen’s  database  as  one  of  the  10 
largest.  Nielsen’s  headquarters  in  New  York  is 
the  central  repository  for  viewing  information 
sent  every  night  by  hundreds  of  Nielsen 
devices  in  the  field.  Nielsen’s  main  database 
—  which  contains  more  than  20TB  of  TV 
viewing  data  for  the  last  five  years  —  grows 
each  evening  by  the  approximately  40GB  of 
data  collected  from  Nielsen  family  house- 
holds.“If  you  can  remember  a  particular  ‘Star 
Trek’  episode  from  five  years  ago,  we  can  find 
out  how  many  people  who  were  pet  owners 
at  the  time  were  watching,”  says  Kim  Ross, 
Nielsen’s  CIO.  (Nielsen’s  offline  archives  pro¬ 
vide  TV  viewing  data  back  to  the  “Howdy 
Doody”era,he  adds). 

The  national  data  is  collected  primarily  via 
a  bank  of  1,000  analog  modems  in  the  data 
center.  Devices  in  Nielsen  homes  across  the 
country  call  in  to  the  center  at  2  a.m.  in  their 
respective  time  zones.The  data  is  collected 
by  6  a.m. .which  gives  the  staff  of  analysts 
and  programmers  just  a  few  hours  to  com¬ 
pile  and  make  it  into  a  deliverable  report  for 
Nielsen  clients. 

Besides  compiling  the  raw  data,  Nielsen  col¬ 
lects  the  broadcast  logs  of  all  major  TV  net¬ 
works,  as  well  as  the  logs  from  more  than 
13,000  cable  TV  head-ends  nationwide.To 
complete  the  picture,  this  data  must  be 
crossed-referenced  with  incoming  data  from 
Nielsen  monitoring  devices.  A  staff  of  more 
than  1 ,300  does  this  every  morning. 

As  impressive  as  Nielsen’s  database,  com¬ 
puting  infrastructure  and  analyst  manpower 
may  seem,  Ross  feels  the  company  is  on  the 
verge  of  a  processing  and  storage  shortfall. 
The  mobile  metering  projects  being 
dreamed  up  by  CTO  Luff’s  team  would  gen¬ 
erate  a  flood  of  data  that  soon  may  be  pour¬ 
ing  into  Nielsen’s  data  center. 

“Today  the  ratings  calculations  run  on  the 
mainframe,  and  we’ve  had  no  reason  to 
move  them,”  Ross  says.“But  these  new  proj¬ 
ects  could  multiply  our  applications  and 
data,  and  maybe  drive  it  up  10-fold.  One  of 
the  places  we  would  run  out  of  gas  real 
soon,  or  drive  up  our  cost  quickly  is  in  that 
calculation  area.” 

One  way  Ross  is  preparing  for  this  is  by 
pulling  some  of  the  blade  server-based  dis¬ 
tributed  processing  it  uses  in  other  parts  of 
the  business  into  the  core  processing  role.  At 
the  edge  of  its  network,  Nielsen  uses  IBM 
blade  servers  running  Linux  and  Business 
Analytics  software.This  platform  is  used  by 
advertisers  and  TV  networks  for  running 
analysis  and  reporting. 

The  distributed  Linux  blades  ended  up 
being  so  fast,  Ross  says,  his  server  staff  plans 
to  install  a  system  of  multiple  blades  to  aug¬ 
ment  the  mainframe  processing.  Parts  of 
Nielsen’s  internal  data  analysis  run  staged 
as  Java  routines  and  distributed  across  10 
Linux  blades. 

“This  will  give  us  that  Google-style  scalabil¬ 
ity?’  Ross  says.“If  you  set  out  to  take  every 
viewing  event,  just  from  every  set-top  box,  this 
alone  could  drive  up  our  processing  and 
storage  needs  a  thousand  times,”  Ross  says.  ■ 
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Array  looks  to  simplify  SSL  VPN  access 

Company’s  program  sets  up  secure  site-to-site  networks. 


IPSec  vs.  SSL  tor  site-to-site  connections 

IPSec  used  to  be  the  only  site-to-site  VPN  option,  but  Array 
Networks'  new  site-to-site  support  in  its  SSL  VPN  gear  presents 
the  same  connectivity  but  with  some  differences. 


IPSec 

SSL 

Network-layer  connection  opens  all 
resources  to  the  other  site  unless  they 
are  restricted  physically. 

Access  can  be  restricted  per  application 
by  configuring  the  SSL  gateway. 

If  both  site-to-site  and  remote  access 
modes  are  used,  client  software  must 
be  deployed  to  all  remote-access 
machines. 

Remote-access  machines  without  clients 
can  gain  remote  access  to  the  VPN. 

BY  TIM  GREENE 

With  its  SSL  site-to-site  VPN  gear, 
Array  Networks  is  making  it  possi¬ 
ble  to  rachet  down  controls  on 
network  access  between  business 
partners  and  to  simplify  the  infra¬ 
structure  of  corporate  VPNs. 

Array’s  new  software  for  its  exist¬ 
ing  SSL  appliances  will  support 
SSL  VPN  connections  over  the 
Internet  between  LANs  in  sepa¬ 
rate  buildings.  To  date,  SSL  VPNs 
have  been  restricted  to  remote- 
access  connections  between  sin¬ 
gle  computers  and  VPN  gateways. 

Gateway-to-gateway  VPN  links 
were  the  sole  province  of  IPSec 
VPNs,  and  customers  could  use 
either  IPSec  or  SSL  VPNs  for 
remote  access. 

Insurance  broker  Hub  Inter¬ 
national  in  New  York  City  chose 
IPSec  for  site-to-site  access  and 
SSL  for  remote  access  because 
SSL  has  certain  advantages  over 
IPSec,  says  Tarron  Weir,  vice  presi¬ 
dent  and  CSO  for  the  firm. 

SSL  requires  only  a  Web  brows- 
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er  on  remote  machines  to  make 
a  VPN  connection  to  Web  appli¬ 
cations.  With  SSL,  client  software 
or  a  software  agent  can  be  down¬ 
loaded  on  the  fly  to  give  remote 
machines  full  network-layer  ac¬ 
cess  equal  to  that  of  IPSec.  IPSec 
remote  access,  on  the  other 
hand,  involves  installing  client 
software  and  setting  up  tunnels 
ahead  of  time. 

Hub  uses  Cisco  IPSec  gear  as  a 
backup  to  its  frame  relay  network; 
if  the  frame  network  goes  down, 
the  IPSec  equipment  connects 
company  offices  to  headquarters 
over  the  Internet,  Weir  says. 

He  says  he  will  phase  in  Array’s 
site-to-site  features  over  the  next 
two  months  to  save  on  VPN 
administration  time.  “You  have 
no  idea  how  much  time  it  takes 
to  administer  IPSec  tunnels  to 
business  partners  and  vendors,” 
he  says. 

With  SSL,  these  connections  can 
be  made  through  standard  SSL 
ports  in  firewalls.  In  addition, 
IPSec  creates  network-layer  ac¬ 
cess,  opening  up  all  a  business’s 
resources  to  the  remote-access 
user  unless  the  business  takes 
extra  steps  to  isolate  specific 


VPN  sessions  occur  as  if  machines  are 
on  the  same  LAN,  with  data  retained  on 
remote  machines. 


resources,  says  Michael  Suby  an 
analyst  with  Stratecast  Partners. 
SSL  can  restrict  users  per  applica¬ 
tion  via  its  application-layer  con¬ 
nectivity  Suby  says. 

For  this  reason,  Weir  says  the 
site-to-site  SSL  VPN  will  make  it 
simpler  to  restrict  the  access  of 
business  partners  and  vendors 


Sessions  can  be  conducted  on  safe 
desktops  that  are  encrypted  when  the 
session  ends. 


to  Hub’s  network.  “These  are 
trusted  partners,  but  I  still  don’t 
want  to  give  them  total  access,” 
he  says. 

For  some  customers,  phasing 
out  IPSec  gateways  also  will  mean 
one  less  device  to  manage,  al¬ 
though  single  IPSec/SSL  gateways 
do  exist.  Customers  can  buy  gate¬ 


ways  that  support  both  IPSec  site- 
to-site  and  SSL  remote  access,  for 
example,  gear  made  by  Caymas, 
Cisco  and  Nortel,  says  Rob  White- 
ley,  an  analyst  with  Forrester 
Research.  “So  any  site-to-site  con¬ 
nection  can  be  set  up  using  IPSec 
and  still  maintain  all  the  benefits 
associated  with  SSL  for  remote 
access,”  he  says. 

Site-to-site  SSL  gear  probably 
will  be  adopted  by  businesses 
that  don’t  have  site-to-site  VPN 
connections  or  by  businesses  that 
have  these  connections  but 
choose  to  phase  in  SSL  as  they 
add  sites,  Suby  says.  Even  Array 
says  it  doesn’t  expect  customers 
to  rip  out  site-to-site  IPSec  gate¬ 
ways  to  replace  them  with  SSL. 

The  software  can  be  installed  on 
Linux  devices,  letting  them  talk 
directly  via  VPN  to  other  ma¬ 
chines.  For  instance,  a  PC  used  for 
sales  in  a  retail  store  could  act  as 
a  gateway  to  headquarters  for 
uploading  sales  information, 
Array  says.  Customers  could  con¬ 
figure  the  gateways  to  create 
point-to-point  or  mesh  networks. 

The  Array  software  ships  in  early 
2007;  pricing  for  it  will  be  set  in 
two  weeks,  the  company  says.  ■ 


VPN  requires  close  integration  with  All  traffic  goes  through  SSL  ports  that 
firewalls  (and  usually  is  sold  bundled  with  generally  are  open  anyway  in  corporate 
a  firewall).  firewalls. 
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siion  adds  oomph  to  clustered  storage  line 


BY  DENI  CONNOR 

Isilon  today  plans  to  roll  out  enhance¬ 
ments  to  its  clustered  storage  system 
designed  to  help  companies  better  protect 
data  by  taking  point-in-time  snapshots  and 


balancing  loads  across  storage  resources. 

The  company’s  new  software  —  Snap- 
shotlQ,  the  SmartConnect  load  balancer 
and  an  update  to  its  OneFS  distributed  file 
system  —  works  with  a  cluster  of  Isilon  stor¬ 


age  systems,  accelerators  and  archiving 
nodes  linked  via  Gigabit  Ethernet  or 
InfiniBand.  Isilon  IQ  clusters  are  managed 
via  OneFS  and  connect  to  a  Gigabit 
Ethernet  network  (www.nwdocfinder.com 
/5578). 

SnapshotlQ  supports  an  unlimited  num¬ 
ber  of  snapshots  per  cluster,  and  as  many  as 
1,024  per  directory.  Snapshots  can  be 
scheduled  to  back  up  the  entire  cluster, 
individual  directories  or  subdirectories. 
With  SnapshotlQ,  users  can  recover  data 
from  within  Windows. 

SmartConnect  maximizes  performance  by 
balancing  client  connections  across  the 
entire  storage  cluster.  It  supports  only  the 
Unix/Linux  Network  File  System  failover  and 
fallback  for  availability;  Microsoft’s  Common 
Internet  File  System  clusters  are  not  support¬ 
ed.  With  SmartConnect,  IT  administrators 
can  create  policies  for  the  cluster  based  on 
throughput,  CPU  use,  client  connections  or 
application  availability 

OneFS  now  manages  as  much  as  a 
petabyte  of  capacity  and  provides  10G 
bytes/sec  of  performance.  That’s  a  big 
improvement  over  previous  systems  that 
maxed  out  at  250TB  of  capacity  and  3G 
bytes/sec  of  performance.  OneFS  now  can 


Power 

continued  from  page  12 

House  of  Representatives 
Bill  H.R.  5646 

I  Sponsored  by:  U.S.  House  of 
Representatives 

Description:  To  study  and  promote  the 
use  of  energy-efficient  servers  in  the  United 
States.The  initiative  calls  for  the  EPA,  under 
the  auspices  of  the  Energy  Star  program,  to 
submit  to  Congress  a  study  of  the  growth 
and  energy  consumption  of  data  centers. 
The  study  will  include  an  analysis  of 
growth  trends  and  server  utilization,  the 
migration  to  energy-efficient  processors, 
potential  cost  saving  available  through 
adopting  energy-efficient  servers  and  data 
centers,  and  the  impact  on  existing  energy 
grids,  as  well  as  recommendations  on 
incentives  offered  for  using  energy-efficient 
servers  and  data  centers. 

Impact:  Bills  in  the  House  and  Senate 
are  simply  a  nod  to  the  idea  of  promoting 
energy  efficiency.  Without  incentives,  utili¬ 
ties,  manufacturers  and  customers  are 
unlikely  to  adopt  efficiency  measures. 

Who  is  affected:  Any  U.S.  business. 

When  implemented:  Study  to  be  com¬ 
pleted  in  December  2006. 

7  National  Fire  Protection 
Standards 

I  Sponsored  by:  The  National 


Isilon's  clustered  storage  appliances  can 
store  as  much  as  a  petabyte  of  data  under  a 
single  file  system. 

handle  failure  of  three  or  four  nodes, 
whereas  previously  it  could  deal  with  the 
failure  of  only  one  or  two  nodes  (www.nw 
docfinder.com/5579). 

Isilon  last  month  filed  an  initial  public 
offering.  The  company  has  232  employees 
and  is  headed  by  Steven  Goldman,  for¬ 
merly  of  F5  Networks.  The  company  com¬ 
petes  with  vendors  of  clustered  file-system 
products,  such  as  EMC,  HP  and  Network 
Appliance,  as  well  as  start-ups  Panasas  and 
Cluster  File  Systems  (www.nwdocfinder 
.com/5580). 

SnapshotlQ  is  available  as  an  option  start¬ 
ing  at  $2,950  per  storage  node;  Smart¬ 
Connect  also  is  available  starting  at  $4,950 
per  node.B 


Fire  Protection  Association  (NFPA) 

Description:  The  NFPA  has  more  than 
300  codes  and  standards  that  minimize 
the  risks  and  effect  of  fires 
(www.nwdocfinder.com/5585). 

Impact:  The  National  Fire  Protection 
Standards  have  been  adopted  by  any  pro¬ 
fessional  involved  in  the  design  or  instal¬ 
lation  of  any  building  housing  computer 
equipment  or  any  data  center. 

Who  is  affected:  Any  data  center  design¬ 
er,  manager  and  IT  manager. 

When  implemented:  Now. 

Server  energy  measure¬ 
ment  protocol 

■  Sponsored  by:  The  EPA,  work¬ 
ing  with  vendors  and  researchers, 
including  AMD,  Dell,  HR  IBM  and  Sun. 

Description:  Vendors  and  researchers 
are  working  with  the  EPA  to  create  energy- 
efficiency  measurement  guidelines  for 
buyers  to  use  when  purchasing  low-end 
(1U  and  2U)  servers.  Future  efforts  will 
focus  on  applying  these  measuring  tools 
to  a  broader  array  of  server  types,  includ¬ 
ing  blade  servers. 

Impact:  Will  provide  standard  measur¬ 
ing  sticks  for  comparing  power/perfor¬ 
mance  metrics  for  servers. 

Who  is  affected:  Server  vendors,  enter¬ 
prise  buyers. 

When  implemented:  Draft  protocol  was 
submitted  to  the  EPA  on  Aug.  18 
(www.nwdocfinder.com/5586).  ■ 
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Select  the  right  tool. 
See  the  difference. 


Moves,  Adds  and  Changes 


Gigabit  Upgrades 


VoIP  Deployment 


Cable  Troubleshooting 


NETWORK  VISION 


The  right  tool  can  make  all  the 
difference.  That's  why  Fluke  Networks 
offers  a  range  of  portable  network 
tools  that  are  easy-to-use,  intuitive 
and  designed  to  accomplish 
exactly  what  you  need  them  to. 
Regardless  of  whether  you're 
performing  moves,  adds  and  changes, 
deploying  new  technologies  or 
troubleshooting  network  problems. 

We  have  the  tools  you  need  to 
immediately  focus  on  the  job  at  hand. 
And  focus  is  key  -  especially  as  your 
network  becomes  more  diverse,  and 
your  job  more  complex.  If  you're 
searching  for  the  right  tool  for  the 
job.  Fluke  Networks'  line  of  portable 
network  toots  are  worth  looking  into. 


I 
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See  for  yourself  what  a  difference 
the  right  tool  can  make.  Visit 
www.flukenetworks.com/righttool 
to  view  an  interactive  selection  guide 
that  will  help  you  determine  which 
tool  best  meets  your  needs. 
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AN  INTERNAL  DATA  BREACH  CAN  DEVASTATE  A  COMPANY'S  STOCK. 
AND  YOU  THINK  YOUR  MORNING  COFFEE  ROUTINE  IS  STRESSFUL. 

Think  your  morning  is  stressful?  Imagine  waking  up  to  news  that  your  company’s  stock  has  plummeted.  That's  exactly  what  you 
can  expect  if  it  gets  hit  with  a  data  breach.  Corporate  valuations  could  tumble.  So  could  careers.  That's  why  there’s  EpiForce’" 
from  Apani  Networks’”.  It's  built  from  the  ground  up  to  secure  your  enterprise  from  the  inside.  On  top  of  that,  it’s  highly  scalable 
and  creates  continuous,  easy-to-access  audit  trails.  Which  should  make  for  a  better  start  to  your  day.  |  ™ 

To  learn  more  about  securing  inside  the  network  perimeter,  get  a  free  copy  of  "The  Definitive  Guide  to  Security  Inside 
the  Perimeter"  from  Realtimepublishers.  sponsored  by  Apani  Networks.  Go  to  www.apani.com/nwguide 
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airs  Linux-based  routing  appliance 


One  early  adopter  swaps  out  some  Cisco  gear  in  favor  of  Vyatta. 


BY  PHILHGCHMUTH 

As  open  source  router  start-up 
Vyatta  formally  launched  its  first 
appliance  last  week,  one  early 
adopter  is  using  the  Linux-based 
gear  to  replace  Cisco  technolo¬ 
gies. 

Vyatta  is  offering  its  Open 
Flexible  Router  (OFR)  software 
preinstalled  on  Dell  server  appli¬ 
ances.  One  such  device  is  sched¬ 
uled  to  come  online  this  week  on 
the  network  of  Adify  a  small  San 
Bruno,  Calif.,  company  that  pro¬ 
vides  advertising  services  for  Web 
publishers  and  advertisers. 

“We’re  taking  several  measured 
steps  with  the  Vyatta  product”  to 
replace  some  pieces  of  Cisco 
infrastructure,  says  Charles  Stew¬ 
art,  vice  president  of  operations 
for  Adify 

The  first  step  took  place  this 
summer,  when  the  company 
moved  its  Asterisk  VoIP  system  — 
which  serves  35  internal  users 
and  10  remote  users  —  to  a  Vyatta 
box  on  a  separate  network  seg¬ 
ment.  Adify  was  running  VoIP  and 
data  traffic  through  its  Cisco  PIX 
firewall  and  a  2600  access  router 
but  decided  to  segregate  the  net¬ 
works  for  better  voice  quality 

The  company’s  next  step 
involves  deactivating  its  Cisco  PIX 
and  replacing  it  with  a  Vyatta  OFR 
appliance,  which  includes  stateful 
packet  inspection  firewall  fea¬ 
tures.  The  company’s  network 
manager,  Thor  Myhrstad,  built  its 
first  Vyatta  box  from  scratch  but 
says, “We  wanted  to  move  quickly 
on  [removing  the  PIX],  which  is 
why  we  chose  to  get  Vyatta  as  an 
appliance  this  time.” 
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The  new  Vyatta  appliances  are 
based  on  Dell  PowerEdge  850 
servers  —  a  single-rack-unit  box 
with  a  2.8GHz  Intel  Celeron  pro¬ 
cessor,  256MB  of  memory  and 
dual  Gigabit  Ethernet  ports.  A  sin¬ 
gle  PCI-X  slot  is  available  for  the 
various  WAN  interface  cards  that 
can  be  preinstalled  on  the  router. 
(Vyatta  uses  PCI-X-basedT-1  andT- 
3  cards  from  Sangoma).  The 
$1,800  package  includes  a  one- 
year  support  subscription  for 
OFR,  which  is  based  on  the  ex¬ 
tensible  Open  Router  Platform,  an 
open  source  routing  stack  and  a 
hardened  Linux  operating  system. 

Adify  also  plans  to  build  a  back¬ 
up  WAN  based  on  an  OFR  router 
and  DSL  links.  This  network  will 
be  used  in  the  event  of  a  failure 


on  the  dual  T-l  lines  it  rents  from 
provider  XO  Communications, 
Myhrstad  says.  Because  Vyatta 
supports  the  Virtual  Router  Re¬ 
dundancy  Protocol,  the  backup 
network  can  take  over  immediate¬ 
ly  in  case  of  an  outage,  he  says.  For 
now,  the  Cisco  2600  router  will 
stay  connecting  dual-T-1  links, 
because  that  box  is  provided  and 
maintained  by  XO. 

Down  the  road,  the  company  is 
considering  Vyatta/Dell  products 
as  a  possible  replacement  for  the 
Foundry  Networks  load  bal¬ 
ancers  it  uses  in  its  co-location 
facility,  where  the  company’s  rev¬ 
enue-generating  ad  servers  and 
billing  systems  operate.  Adify’s 
Stewart  says  he  is  talking  with 
Vyatta  developers  about  a  load¬ 


balancing  module  for  OFR  for 
the  future.  If  such  a  module  were 
available,  the  company  would  be 
using  it,  he  says. 

While  small  firms  such  as  Adify 
can  often  move  more  aggressively 
than  larger  organizations  into 
open  source  network  technology 
Vyatta  executives  acknowledge 
the  technology  is  not  ready  to 
take  over  the  networked  world. 

“Commodity  hardware  is  really 
an  effective  alternative  for  a  cer¬ 
tain  class  of  the  market,” says  Dave 
Roberts,  vice  president  of  strategy 
forVyatta.Tm  certainly  not  going 
to  put  one  of  these  Dell  [servers 
running  Vyatta]  into  the  Internet 
backbone  over  at  UUNETf  he 
adds,  but  the  Vyatta/Dell  product 
has  more  than  enough  horsepow¬ 


er  for  users  requiring  T-l/T-3  WAN 
speeds. 

Stewart  agrees.  “I  remember  the 
first  time  I  opened  up  an  F5  box, 
maybe  seven  years  ago,”  he  says, 
referring  to  an  older  version  of  the 
load-balancer  company’s  prod- 
uct.“I  said,  wait,  this  is  just  a  PC  . . . 
all  these  devices  are  just  a  net¬ 
work  interface  and  an  application 
doing  some  stuff  behind  it.” 

The  Dell/Vyatta  package  costs 
$1,800,  which  includes  a  one-year 
subscription  to  Vyatta’s  online 
technical  support  and  software 
updating/patch  service.  One-year 
contracts  for  software  support 
alone  cost  $500,  or  $650  with 
online  and  phone  support.  OFR 
also  can  be  downloaded  free 
from  the  company’s  Web  site.  ■ 


MuleSource  targets  open  source  ESB 


Profile:  MuleSource 


Location: 

San  Francisco 

Launched:  1  October  2006 

Key  executives:  Dave  Rosenberg,  GEO;  Ross  Mason,  creator  of  Mule  and  CTO  of 
MuleSource. 

Business: 

Provides  support,  services  for  the  open-source  Mule  integration 
platform. 

Origin  of  name: 

Mason  came  up  with  the  idea  and  name  for  Mule  after  being 
frustrated  by  the  "donkey  work"  required  to  use  traditional 
integration  platforms. 

__ 

Funding: 

S4  million  first  round  closed  in  August. 

Investors:  Hummer  Winblad  Venture  Partners  and  Morgenthaler  Ventures. 


BY  ANN  BEDNARZ 

A  start-up  built  around  the  Mule 
open  source  integration  project 
made  its  corporate  debut  last 
week.  MuleSource  is  backed  by  $4 
million  secured  in  a  first  round  of 
venture  funding  it  closed  this  past 
summer. 

The  creator  of  Mule,  Ross  Mason, 
is  the  company’s  CTO.  Mason  con¬ 
ceived  Mule  in  2003  as  an  alterna¬ 
tive  to  unwieldy  integration  plat¬ 
forms  that  he  found  required  spe¬ 
cialized  skills  and  overly  repetitive 
work. “The  idea  of  Mule  really  was 
to  simplify  this,  take  away  all  of 
that  donkey  work  from  the  devel¬ 
oper  and  let  the  developer  con¬ 
centrate  on  building  core  business  functional¬ 
ity’  he  says. 

Mason  designed  Mule  so  that  developers 
with  basic  Java  skills  can  tackle  integration.  It 
can  be  used  for  straightforward  projects,  such 
as  connecting  two  endpoints,  or  in  a  more 
advanced  middleware  role  as  an  enterprise 
service  bus  (ESB)  in  a  service-oriented  archi¬ 
tecture  (SOA)  environment.  Its  functions  in¬ 
clude  message  delivery,  message  transforma¬ 
tions,  pooling  and  threading  of  components, 
exception  handling  and  transaction  manage¬ 
ment.  The  Mule  framework  can  be  hosted  by 
any  J2EE  application  server, or  users  can  install 
it  independently. 

Mule  has  been  downloaded  200,000  times 
since  its  1.0  release  in  2005, and  more  than  100 
enterprises  are  using  it  in  large-scale  produc¬ 
tion  environments,  says  Dave  Rosenberg,  CEO 


and  cofounder  of  MuleSource.  Rosenberg  is  a 
former  CIO  for  investment  research  and  advi¬ 
sory  firm  Glass  Lewis  &  Co.  He  also  served  as 
principal  analyst  for  Open  Source  Develop¬ 
ment  Labs. 

MuleSource  will  provide  subscription  sup¬ 
port,  priced  per  server,  for  Mule  with  a  license 
based  on  the  Mozilla  Public  License.  Support 
subscriptions  include  patches,  bug  fixes,  main¬ 
tenance,  problem  resolution  and  developer 
assistance,  including  configuration,  perfor¬ 
mance  and  tuning  advice. 

Also  last  week,  MuleSource  released  version 
1 .3  of  Mule,  which  can  be  downloaded  for  free 
at  the  Mule  project  homepage  (www.mule 
.mulesource.org). 

New  features  built  into  Mule  1.3  include 
performance  upgrades,  such  as  faster  HTTP 
transport,  JMS  session  caching  upgrades 


and  metadata  handling  opti¬ 
mization.  With  the  1.3  release, 
Mule  services  can  invoke,  or  be 
invoked  by,  Spring  remoting  ser¬ 
vices.  Also  built  into  Mule  1.3  is 
a  new  HiveMind  container  that 
lets  developers  obtain  objects 
from  a  HiveMind  registry  to  use 
as  service  components  or  to 
configure  the  Mule  server. 
(Spring  and  HiveMind  are  appli¬ 
cation  frameworks  for  enterprise 
Java  development.) 

“Typically,  when  you  turn  to  a 
proprietary  vendor  for  integration, 
they  try  to  push  a  complex 
SOA/ESB/WS-*  stack  at  you  that 
costs  big  money  and  is  tremen¬ 
dously  complex,"  said  Jin  Chun,  chief  applica¬ 
tions  architect  of  State  Street  Bank’s  Global 
Link  electronic  network,  in  a  statement.  “The 
beauty  of  Mule  and  the  open  source  approach 
to  integration  is  that  it  allows  you  to  simply  get 
hooks  in  and  out  of  systems  for  data  transfor¬ 
mation,  and  to  do  the  integration  you  need, 
without  forcing  you  down  an  expensive  ven¬ 
dor  lock-in  path.” 

MuleSource  is  backed  by  Hummer  Winblad 
Venture  Partners  and  Morgenthaler  Ventures. 
Its  competitors  in  the  integration  and  ESB 
market  include  platform  such  vendors  as 
BEA  Systems,  IBM,  Microsoft  and  Oracle; such 
specialists  as  Cape  Clear  Software,  Fiorano 
Software,  Progress  Software  and  SOA 
Software;  and  such  open  source  options  as 
Apache  ServiceMix,  ObjectWeb  and  Red  Hat 
division  JBoss.  ■ 
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It’s  where  you  hear 
brilliant  IT  strategies 
delivered  direct  to  you 
from  Network  World  editors  six  months  ahead  of 
outsiders  even  knowing  about  them.  Where  you 
meet  personally,  one-on-one,  with  an  IT  all-star  to 
discuss  how  coming  technology  will  reshape 
your  enterprise.  Where  you  accomplish  a  year’s 
worth  of  vendor  analysis  among  more  than  two 
dozen  solution  providers  all  in  one  day. 

If  you’re  doing  business  in  any  of  these  eight 
critical  technology  areas... 
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Your  day  starts  with  a  keynote  from  John 
Gallant,  President  and  Editorial  Director, 

Network  World  followed  by  an  all-star  IT  panel 
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Corporate  dishonesty:  Is  HP  the  only  one? 


m  insider 

Scott  Bradner 


Watching  HP’s  slow-motion  train 
wreck  has  been  fascinating.  Every 
day  in  the  last  two  weeks  there 
has  been  a  new  revelation  of 
questionable  behavior  on  the  part 
of  this  once  admired  company  So 
far  Wall  Street  does  not  seem  to 
have  joined  in  the  fun;  HP’s  stock 
price  has  not  been  affected 
much,  even  though  The  Wall  Street 
Journal  has  been  the  most  aggres¬ 
sive  source  of  news  about  the 
story 

Even  congressional  hearings, 
complete  with  posturing  politi¬ 
cians  and  current  and  former  HP 
employees  invoking  their  right  to 


not  say  anything,  have  failed  to  get 
Wall  Street  to  react.  One  aspect  of 
this  story  has  puzzled  me  through¬ 
out  the  whole  ugly  saga  —  why 
did  some  HP  employees  go  along 
even  though  they  were  not  going 
to  individually  benefit  from  their 
misdeeds? 

This  question  is  hardly  a  new 
one,  but  what  makes  a  secretary  at 
Enron  or  an  accountant  at  Arthur 
Anderson  go  along  with  breaking 
the  law  when  their  pay  will  not  be 
affected?  According  to  a  recent 
New  York  Times  story  scientists  at 
Bayer  did  not  tell  the  Food  and 
Drug  Administration  about  possi¬ 
ble  adverse  effects  found  in  a  new 
study  on  people  using  Bayer’s 
heart-bypass-surgery  drug  Trasyo- 
lol  during  a  meeting  called  by  the 
FDA  to  talk  about  the  drug’s  safety 
Why  is  loyalty  to  an  employer 
higher  than  the  respect  for  hon¬ 
esty  and  to  the  law? 

Boston  University  law  professor 


Why  is  loyalty  to 
an  employer 
higher  than  the 
respect  for 
honesty  and  to 
the  law? 

Tamar  Frankel  explores  some  of 
these  issues  and  much  more  in 
her  recent  book  Trust  and  Hon¬ 
esty:  America’s  Business  Culture  at 
a  Crossroad.  She  outlines  a  num¬ 
ber  of  reasons  that  people  go 
along  with  falsehoods  and  dis¬ 
honesty  even  if  they  understand 
that  it  is  wrong  and  they  will  not 
directly  benefit  from  doing  so. 
Frankel  says  that  major  forces 
include  pressure  from  fellow  em¬ 
ployees  (peer  pressure),  actions 
by  those  in  leadership  roles,  isola¬ 
tion  of  the  leaders  behind  a  wall 
of  “yes  persons,”  a  feeling  that 


those  who  object  have  bad  inten¬ 
tions  and  a  feeling  that  everyone 
does  it. 

She  also  points  out  the  societal 
tendency  to  redefine  what  is 
wrong.  Sen.  Daniel  Patrick  Moyn- 
ihan  of  New  York  described  this 
as“definingdeviancydown”  (see 
www.nwdocfinder.com/5537). 
Moynihan  wrote  that  “the  amount 
of  deviant  behavior  in  American 
society  has  increased  beyond  the 
levels  the  community  can  afford 
to  recognize”  and  that  we  have 
been  redefining  deviancy  so  as 
to  exempt  much  conduct  previ¬ 
ously  stigmatized. 

If  dishonesty  becomes  the  norm 
in  corporate  behavior  there  is  a 
tendency  to  see  this  as  something 
not  to  worry  about.  Not  everyone 
agrees  with  Moynihan’s  assump¬ 
tions  (see  wwwnwdocfinder.com 
/5538),but  it  does  seem  to  explain 
what  went  on  within  HP  and 
Enron  and  many  other  corrupt 


organizations. 

In  the  HP  and  Bayer  cases  the 
public  found  out  about  the  wrong¬ 
doing  because  someone  would 
not  go  along  with  the  falsehoods 
and  dishonesty  —  so  not  every¬ 
one  falls  to  the  pressures.  The 
Sarbanes-Oxley  Act  requires  that 
public  corporations  set  up  a  way 
for  people  to  anonymously  report 
corporate  wrongdoing;  clearly  this 
is  a  critical  facility  if  we  are  to 
avoid  having  to  redefine  corporate 
malfeasance  as  normal. 

Disclaimer:  The  Harvard  Busi¬ 
ness  School’s  emphasis  on  ethics 
(announced  just  before  the  Enron 
collapse)  tries  to  do  its  part,  but 
that  only  covers  a  small  part  of 
corporate  America  and  the  above 
opinion  is  mine  alone. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 
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Managing  an  MPLS  migration 


EYE  ON  THE  CARRIER 

Johna  Till  Johnson 


Last  week,  we  discussed  some  of 
the  “lessons  learned”  from  early 
adopters  who  are  moving  toward 
MPLS.  This  week,  we’re  covering 
some  of  the  specifics  for  migrat¬ 
ing  to  MPLS  from  legacy  services, 
particularly  frame  relay 
First  and  foremost,  make  sure 
you  plan  to  invest  the  necessary 
time  up  front.  One  of  the  most 
common  questions  I  get  is  “how 
long  will  my  migration  process 
take?”There’s  no  easy  answer  —  it 
depends  on  the  number  of  sites, 
the  number  of  geographies  and 
your  starting  state.  But  here  are 
rough  guidelines:  Any  compre¬ 


hensive  RFP  process  should  be 
started  a  minimum  of  six  months 
before  the  desired  circuit  turn-up. 
Eight  months  is  better.  Very  early 
MPLS  adopters  invested  several 
years  in  discussions  with  their  car¬ 
riers.  That’s  no  longer  necessary, 
but  unless  you’re  very  small,  six 
months  to  a  year  is  optimal. 

Next,  make  sure  to  inventory 
your  applications.  Companies 
know  the  details  of  their  hardware 
down  to  the  operating  system  ver¬ 
sion  and  configuration  specifics 
—  but  don’t  have  the  faintest  clue 
about  the  applications  that  tra¬ 
verse  their  networks.  Here  are 
some  things  you  should  look  for: 

•  Inventory  and  itemize  your 
applications.  Which  do  you  have, 
how  many  are  there,  and  how 
often  are  they  used? 

•  Profile  the  applications.  Next, 
understand  the  network  charac¬ 
teristics  of  your  applications.  Are 
they  store-and-forward?  Or  inter¬ 


active?  How  “chatty”  are  they?  In 
typical  usage  scenarios,  how 
much  bandwidth  do  they  con¬ 
sume?  How  does  that  vary  by  time 
of  day/week/month/year? 

•  Understand  the  users.  The  net¬ 
work  manager  at  one  large  client 
was  getting  flak  because  network 
utilization  was  “too  high”  —  until 
he  demonstrated  the  heaviest 
users  were  programmers  develop¬ 
ing  a  critical  application. Suddenly 
high  network  utilization  was  no 
longer  a  problem. 

•  Be  sure  to  include  in  your 
analysis  applications  that  may  be 
on  other  networks  (particularly 
video  and  voice). You’ll  need  this 
information  for  capacity  planning. 

Once  you  have  this  information, 
work  with  your  provider  to  size 
and  structure  the  new  network. Be 
sure  to  take  into  consideration 
that  usage  will  change  as  band¬ 
width  becomes  available  —  and 
that  it  may  affect  contract  terms 


and  conditions,  particularly  mini¬ 
mum  annual  revenue  commit¬ 
ments  (MARC).  Avoid  mini- 
MARCs  —  commitments  to  pur¬ 
chase  particular  amounts  of  parti¬ 
cular  types  of  service,  such  as 
voice  —  in  favor  of  an  overall 
combined  MARC. 

Budget  for  ongoing  monitoring. 
Your  carrier  will  assure  you  that 
the  provider  will  monitor  every¬ 
thing  you  need.Trust,  but  verify  — 
you’ll  want  tools  of  your  own  to 
keep  the  carrier  honest. 

Assess  your  backup  options  — 
in  many  cases,  backup  for  frame 
networks  is  provided  by  the  same 
ISDN  network  that  doubles  as  a 
videoconferencing  infrastructure. 
With  MPLS,  not  only  is  your  overall 
bandwidth  increasing  but  your 
ISDN  network  may  be  going  away 
Ask  carriers  to  discuss  backup 
options  in  detail. 

Last  but  not  least,  don’t  forget 
the  people  part  of  the  process. 


Moving  to  MPLS  is  likely  to  involve 
significant  changes  in  your  overall 
organizational  structure.  What  are 
they?  We’ll  discuss  next  week. 

Johnson  is  president  and  chief 
research  officer  at  Nemertes 
Research,  an  independent  technol¬ 
ogy  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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IBM  debuts  new  batch 
of  SOA-related  offerings 


READY  FOR  THAT  WIN-WIN? 


BY  ANN  BEDNARZ 

In  its  second  service-oriented  architec¬ 
ture  blitz  of  the  year,  IBM  last  week  detailed 
a  range  of  products  and  services  aimed  at 
helping  companies  extend  their  service- 
oriented  architecture  deployments. 

Six  months  ago  (www.nwdocfinder.com 
/5553),IBM  released  11  new  SOA  products, 
20  product  upgrades  and  eight  new  service 
offerings.  This  time  around,  IBM  delivered 
four  new  products,  23  product  upgrades 
and  1 1  new  service  offerings. 

Among  the  new  products  is  WebSphere 
Registry  and  Repository  (WSRR),  which 
lets  users  publish  and  find  services  and 
related  metadata.  The  software  can  be 
linked  to  a  company’s  existing  registries 
and  repositories  to  create  an  aggregate 
view  of  available  application  resources. 
WSRR  also  manages  role-based  access  to 
components  and  keeps  tabs  on  service 
dependencies  and  the  impact  of  service 
introductions,  deletions  or  alterations. 

IBM  also  unveiled  WebSphere  Business 
Services  Fabric,  which  is  based  on  assets 
IBM  gained  in  its  August  acquisition  of 
Webify  Solutions.  The  technology  platform 
consists  of  prebuilt  SOA  assets,  semantic 
models  and  policies  that  can  help  create 
industry-focused  SOA  products.  It  supports 
a  range  of  industry  standards,  such  as  the 
insurance  industry’s  ACORD  standards.  IBM 
says  it  will  make  industry-specific  services 
—  such  as  claims  processing  in  insurance 
or  regulatory  compliance  in  healthcare  — 
available  through  its  SOA  Business  Catalog, 
a  repository  of  IBM  and  business  partner- 
developed  SOA  software  assets. 

IBM  focused  a  number  of  product 
upgrades  on  business  process  manage¬ 
ment  capabilities.  A  new  release  of  Web¬ 
Sphere  Business  Modeler  includes  tooling 
designed  to  more  easily  identify  process 
bottlenecks  and  inefficiencies  before  they 
affect  corporate  performance.  IBM  built 
business  activity-monitoring  features  into 
the  new  release  of  WebSphere  Business 
Monitor,  while  the  latest  release  of 
WebSphere  Process  Server  bolsters  support 
for  processes  focused  on  people. 

On  the  professional  services  front,  IBM 
unveiled  offerings  aimed  at  SOA  security 
service  management  and  virtualization. 
Newly  formalized  security-planning  en¬ 
gagements  tackle  such  issues  as  managing 
user  identity  and  access  control,  securing 
transactions  across  multiple  distributed 
systems  and  developing  consistent  security 
management  policies. 

The  management-focused  services  are 
intended  to  complement  IBM’s  Tivoli  soft¬ 
ware  portfolio,  which  includes  the  new 
Tivoli  Change  and  Configuration  Manage 


ment  Database  along  with  Tivoli  Composite 
Application  Manager  for  SOA,  which  helps 
IT  staff  isolate  Web  service  performance 
problems. 

The  new  products  and  services  help 
close  gaps  in  IBM’s  SOA  lineup,  says  Tracy 
LeGrand,  chief  architect  and  vice  president 
of  technology  strategy  and  architecture  at 
Ameriprise  Financial.  The  financial  adviso¬ 
ry  company  which  split  from  American 
Express  a  year  ago,  built  an  SOA  to  link  its 
1 1  lines  of  business.  Ameriprise  started  its 
migration  to  an  SOA  in  1999,  using  Web¬ 
Sphere  MQ  and  WebSphere  Business  Inte¬ 
gration  software  as  its  message-routing 
backbone. 

As  a  fairly  early  SOA  adopter,  Ameriprise 
has  had  to  deal  with  gaps  in  IBM’s  product 
lineup  —  which  today  the  vendor  is  work¬ 
ing  to  fill,  LeGrand  says.“What  IBM  is  doing, 
at  least  in  our  view,  is  enhancing  their  prod¬ 
ucts  to  cover  spaces  where  we  had  to  bring 
in  alternative  products  to  fit,”  he  says.  In  the 
past, “we  became  the  integrator  whenever  it 
was  IBM  and  non-IBM  products.” 

Ameriprise  could  benefit  from  additions 
such  as  enhanced  BPM  capabilities  and 
the  Webify-inspired  WebSphere  Business 
Services  Fabric,  LeGrand  says.  He’s  also 
interested  in  IBM’s  new  registry  product, 
WSRR.  “We’ve  had  a  registry  of  our  own, 
both  built  into  the  IBM  hub  that  we  bought 
years  ago,  as  well  as  a  separate  registry 
we’ve  had  to  maintain.  So  this  has  closed 
some  major  gaps  for  us.” 

LeGrand  took  part  in  a  teleconference 
last  week  with  IBM  executives  Steve  Mills, 
senior  vice  president  of  the  software  group; 
Mike  Daniels,  senior  vice  president  of  glob¬ 
al  technology  services;  and  Robert  Le- 
Blanc,  WebSphere  general  manager. 

Mills  stressed  IBM’s  commitment  to  grow¬ 
ing  its  SOA  products  and  services  portfo¬ 
lios.  “The  IBM  company  has  over  300  SOA- 
related  patents. We  will  invest  more  than  $1 
billion  this  year  in  SOA-specific  investments 
associated  with  both  technology  and  the 
building  of  services  practices,”  Mills  says. 
“This  is  very  much  a  cross-IBM  initiative.”  ■ 


nww.com 

Application-acceleration  event 

Server  consolidation,  compression,  caching,  TCP 
acceleration  —  the  demand  for  faster  perfor¬ 
mance,  greater  efficiency  and  better  ROI  never 
ends.  Register  now  and  attend  this  new  Network 
World  Live  Technology  Tour  event  free  in  October. 

www.nwdocfinder.coin/5336 
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Introducing  the  Nortel  Secure  Router  Portfolio  that's  built  for 


convergence.  Up  to  4x  the  throughput.  Secure.  Reliable.  All  at  25% 


less  cost  than  the  leading  competitor.  Get  the  facts  and  your  free 


http://www.nortel.com/securerouter_report 
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Management 

continued  from  page  1 

“Venture  capitalists  go  where  the  dollars 
go,  and  it’s  clear  people  are  still  spending 
on  management  technologies.” 

Here  are  10  management  companies 
topping  our  list  as  ones  to  watch: 

CiRBA 

Founded:  March  1999 
Headquarters:  Richmond  Hill, 

Ontario,  Canada 
Management:  Gerry  Smith,  pres¬ 
ident  and  CEO,  previously  with 
Compuw'are  and  ChangePoint. 

Funding:  $5  million  investment  from 
EdgeStone  Capital  Venture  Fund  II  in 
February  2006. 

What  does  the  company  offer? 

CiRBAs  Data  Center  Intelligence  soft¬ 
ware  detects  detailed  configurations, 
changes  and  differences  across  heteroge¬ 
neous  environments;  stores  them  in  a  cen¬ 
tral  repository;  and  lets  network  managers 
analyze  empirical  data  to  identify  risks, 


problems  and  optimization  opportunities. 

Why  is  it  worth  watching? 

As  interest  in  data  center  consolidation 
continues  to  rise,  enterprise  IT  managers 
could  look  to  CiRBA  for  a  tool  that  accu¬ 
rately  inventories  their  systems,  those  sys¬ 
tems’  utilization,  and  changes  to  the  sys¬ 
tems  and  the  impact  on  performance  and 


MANAGEMENT 

COMPANIES  TO  WATCH 


availability 

How  did  the  company  get  its  start? 

Founded  in  1999  to  help  data  center 
operations  managers  “get  a  handle”  on 
their  environments. 

Where  did  the  company  get  its  name? 

CiRBA  loosely  translates  to  configuration 
item  request  broker  architecture,  a  play  on 
CORBA. 

Who’s  using  the  product  today?  CiRBA 


Silver  Peak  unveils 
WAN  gear  security  map 


BY  TIM  GREENE 

Silver  Peak  this  week  plans  to  introduce  a 
security  road  map  for  its  WAN  acceleration 
gear  that,  when  implemented,  will  not  only 
make  traffic  between  corporate  sites  more 
secure  but  also  will  speed  up  SSL  transac- 
tions.The  company  also  plans  to  introduce 
an  appliance  that  tops  the  speed  of  its  cur¬ 
rent  flagship  device. 

The  new  security  scheme,  called  Secure 
Content  Architecture,  includes  current 
capabilities  such  as  encryption  of  data  that 
is  stored  on  Silver  Peak  appliances  and  that 
could  otherwise  represent  a  security  weak¬ 
ness.  It  also  includes  new  capabilities,  such 
as  support  for  SSL  encryption. 

Silver  Beak  devices  sit  at  either  end  of 
WAN  connections  and  use  multiple  means 
to  cut  the  amount  of  traffic  that  has  to  cross 
the  link.This  includes  storing  chunks  of  data 
on  the  disks  of  local  Silver  Peak  machines. 
Rather  than  sending  these  chunks  each 
time  they  are  needed,  the  remote  Silver 
Fbak  device  sends  a  brief  reference  pointer. 

When  these  blocks  of  data  are  stored  to 
the  disk  on  Silver  Peak  machines,  they  are 
encrypted.  Left  unencrypted,  this  data 
could  be  compromised, says  Rob  Whiteley 
an  analyst  with  Forrester  Research. 

The  company  says  it  plans  to  support  SSL 
termination  and  initiation  to  further  secure 
and  speed  iraffic.This  would  enable  devices 
to  set  up  SSL  sessions  across  the  wide  area 
link  but  will  also  be  able  to  terminate  the 
proxy  SSL  sessions  that  arrive  at  the  boxes. 


Silver  Peak  claims  its  NX-8500  can  crank  out 
500Mbps  of  fully  optimized  WAN  traffic. 

Currently  many  applications  such  as  SAP 
and  Siebel  are  sent  from  desktops  to 
servers  via  SSL  sessions.  These  encrypted 
sessions  cannot  be  compressed,  because 
compression  devices  cannot  see  the  pack¬ 
et  payloads.  With  support  for  SSL,  Silver 
Peak  devices  can  terminate  these  sessions, 
compress  the  traffic  then  send  it  along  via  a 
new  SSL  session. 

This  can  dramatically  improve  the  perfor¬ 
mance  of  WAN  links  where  SSL  traffic  rep¬ 
resents  a  high  percentage  of  total  traffic, 
Whiteley  says.  Blue  Coat  Systems  has  this 
capability  but  other  vendors  such  as  Cisco, 
Expand,  Juniper  and  Riverbed  do  not,  he 
says. 

Silver  Peak  is  also  introducing  its  fastest 
model,  NX-8500,  that  has  a  top  speed  of 
500Mbps  with  all  its  features  turned  on  and 
800Mbps  if  it  is  only  optimizing  TCP  ses¬ 
sions  for  higher  throughput.  Its  former  fast 
box,  NX-7500,  supported  155Mbps  and 
800Mbps,  respectively 

NX-8500  is  expected  to  be  available  in  the 
fourth  quarter  and  cost  $130,000.  ■ 


lists  among  its  customers  Aetna,  Bell  Mo¬ 
bility  (a  division  of  Bell  Canada),  Interac, 
Lawrence  Berkeley  National  Laboratory, 
Rogers  Wireless  and  TD  Bank  Financial 
Group. 

FiveRuns 

Founded:  February  2005 

Headquarters:  Austin, 
Texas 

Management:  CEO 

Steven  Smith,  previously 
CTO  of  Tonic  Software 
(acquired  by  Altiris 
Software)  and  senior  vice 
president  of  R&D  at  Neon 

Systems. 

Funding:  $2.95  million  investment  from 
Austin  Ventures  in  October  2005;  currently 
securing  second-round  financing. 

What  does  the  company  offer? 

FiveRuns  Systems  Management  uses  a 
software-as-a-service  delivery  model  and 
monitors  systems  running  Apache,  JBoss, 
Linux,  Macintosh  OS  X,  Microsoft  Win¬ 
dows,  MySQL,  Sun  Solaris  and  Tomcat. 
Customers  download  client  software,  and 
FiveRuns  hosts  the  management  server  at 
its  data  center. 

Why  is  it  worth  watching? 

At  $60  per  server,  per  month  regardless  of 
the  number  of  CPUs  or  applications  run¬ 
ning  on  the  server,  the  price  may  be  right 
for  customers  who  want  to  offload  the  task 
of  monitoring  and  get  started  quickly 

“It’s  really  an  instant-results  thing  for  cus¬ 
tomers,”  says  Gary  Chen,  an  analyst  with 
Yankee  Group. 

How  did  the  company  get  its  start? 

Smith  saw  a  gap  in  the  “stagnant”  market 
to  which  the  “big  players  couldn’t  scale 
down,”  and  an  opportunity  to  build  a  host¬ 
ed  service  for  small  and  midsize  business 
(SMB)  customers  to  monitor  critical  IT 
elements. 

Where  did  the  company  get  its  name? 

FiveRuns  is  the  name  of  a  creek  in  south¬ 
ern  Alabama  where  Smith  and  his  father 
used  to  fish. 

Who’s  using  the  product  today? 

The  company  kicked  off  a  beta  program 
earlier  this  year,  in  which  1,500  potential 
customers  downloaded  the  software,  and 
invited  300  active  testers  into  the  program. 

Kace 

Founded:  February  2003 

Headquarters:  Mountain  View,  Calif. 

Management:  CEO  and  co-founder  Rob 
Meinhardt  previously  worked  as  a  princi¬ 
pal  with  R.B.  Webber  &  Co.,  a  strategic 
management  consulting  firm. 

Funding:  $8  million  from  Norwest  Ven¬ 
ture  Partners  in  May  2005;  $3  million  from 
Sigma  Partners  in  July  2005. 

What  does  the  company  offer? 

KBOX  IT  Management  Suite,  which  is 
software  packaged  as  an  appliance  for 
easy  installation  and  maintenance.  It  tar¬ 
gets  company  departments  or  SMBs.  The 


initial  appliance  family  automates  daily 
tasks  on  servers,  desktops,  laptops,  routers, 
switches  and  printers;  a  second  product 
set  performs  provisioning. 

Why  is  it  worth  watching? 

Peter  Solvik,  managing  director  of  Sigma 
Partners  and  former  senior  vice  president 
and  CIO  of  Cisco,  sits  on  the  board  of 
directors.  Norwest  Venture  Partners’ Abbott 
says,  “The  fact  that  Kace  delivers  its  prod¬ 
ucts  as  appliances  is  unique,  and  the  com¬ 
pany  has  reached  a  critical  mass  of  cus¬ 
tomers.” 

How  did  the  company  get  its  start? 

Meinhardt  saw  an  opportunity  to  serve 
the  SMB  market  with  automated  network 
and  systems  management  software  deliv¬ 
ered  as  an  easy-to-install  appliance. 

How  did  the  company  get  its  name? 

Meinhardt  and  Marty  Kacin,  co-founder, 
president  and  CTO,  wanted  a  four-letter 
URL,  and  played  off  the  latter’s  name. 

Who’s  using  the  product  today? 

Kace  lists  the  California  Department  of 
Housing  and  Community  Development, 
Coinstar,  New  England  Motor  Freight  and 
Freedom  Mortgage  among  its  customers. 

Klir  Technologies 

Founded:  November  2000 

Location:  Seattle 

Management:  Co-founder  and  CEO 
James  Maiocco  previously  worked  as  a  cor¬ 
porate  technology  and  business  attorney 

Funding:  $8.7  million  from  Ignition  Part¬ 
ners  and  MK  Capital  in  June  2005;  $3.2  mil¬ 
lion  from  several  angel  investors. 

What  does  the  company  offer? 

Klir  Analytics,  hosted  IT  management 
software  delivered  as  a  monthly  subscrip¬ 
tion  service. 

Why  is  it  worth  watching? 

The  company  is  partnering  with  vendors 
and  industry  analyst  firms  and  using  Web 
2.0  technologies  to  subsidize  the  cost  of  its 
software,  making  it  available  for  free  to 
customers  managing  a  maximum  of  25 
devices. 

How  did  the  company  get  its  start? 

Founders  acted  on  the  opportunity  to 
deliver  software-as-a-service  and  provide  a 
product  to  address  the  majority  of  IT  man¬ 
agement  issues  without  expense  and  labor 
upfront. 

How  did  the  company  get  its  name? 

Klir  is  the  phonetic  spelling  of  the  word 
clear. 

Who’s  using  the  product  today? 

Klir  lists  CACI,  ISI  and  Planet  Beach 
among  its  customers. 

Persystent  Technologies 

Founded:  February  2002 

Location:  Tampa,  Fla. 

Management:  President  and  CEO  Ray 
Weadlock,  previously  CEO  of  Fortress  Tech¬ 
nologies. 

Funding:  $7  million  in  Series  B  round  of 
funding,  led  by  Valhalla  Partners;  $1.6  mil- 

See  Management  page  26 
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lion  in  Series  A  funding  by  Inflexion 
Partners,  Tall  Oaks  Capital  and  Village 
Ventures. 

What  does  the  company  offer? 

Persystent  Enterprise  software  automati¬ 
cally  resolves  system  issues  with  every  PC 
boot,  reducing  the  need  for  IT  staff  to  visit 
desktops.  It  operates  before  the  operating 
system  loads  on  a  client  machine,  after  the 
machine  loads  its  basic  I/O  sys¬ 
tem.  The  company  says  it  works 
transparently  to  the  user. 

Why  is  it  worth  watching? 

“Customer  service  is  an  invisible 
monster;  it  can  make  you  or  it  can 
break  you,”  says  Dick  Hamann, 
vice  president  of  IT  and  resources 
and  CIO  of  Seminole  Community  College, 
outside  Orlando.Tapping  an  automated  fea¬ 
ture  that  lets  him  shut  down  PCs  after-hours 
is  saving  Hamann  some  “$65,000  per  year  in 
utility  bills  alone.” 

How  did  the  company  get  its  start? 

While  company  founders  were  working 
on  a  problem  for  Compaq,  they  noticed 
desktop  support  requirements  took  too 
much  time  and  they  created  ways  to 
reduce  the  manual  efforts. 

How  did  the  company  get  its  name? 

A  play  on  the  company’s  value  proposi¬ 
tion,  for  instance,  persistent  performance, 
availability  and  compliance  of  enterprise 
desktops. 

Who’s  using  the  product  today? 

Persystent  lists  Seminole  Community 
College  and  Tennant  Company  among  its 
customers. 

Q1  Labs 

Founded:  February  2001 

Location:  Waltham,  Mass. 

Management:  CEO  Shaun  McConnon, 
previously  served  as  CEO  of  Okena 
(acquired  by  Cisco)  and  Raptor  Systems. 

Funding:  $4  million  in  initial  funding  from 
BDC  Venture  Capital  and  New  Brunswick 
Investment  Management;  $14.4  million  in 
Series  B  funding  led  by  Polaris  Venture 
Partners  and  Menlo  Ventures  in  November 
2003;  an  additional  $11  million  from  exist¬ 
ing  investors  and  new  investor  Globespan 
Capital  Partners  in  June  2004. 

What  does  the  company  offer? 

Its  QRadar  —  radar  stands  for  real-time 
anomaly  detection  and  resolution  —  net¬ 
work  behavior  analysis  system  detects  and 
responds  to  anomalous  network  behavior; 
builds  real-time  network-asset  profiles  and 
correlates  events  from  enterprise  security 
products. 

Why  is  it  worth  watching? 

Network  behavior  analysis  software  is  the 
next  wave  of  security  tools  that  couple  traf¬ 
fic  monitoring  and  analysis  with  intelli¬ 
gence  on  known  and  unknown  threats  to 
better  secure  internal  networks. 

How  did  the  company  get  its  start? 


Three  technical  experts, and  later  Q1  Labs 
founders,  from  the  University  of  New 
Brunswick  solved  UNB’s  security  problem 
by  inventing  technology  to  reduce  the 
number  of  hostile  attacks  on  UNB’s  com¬ 
puter  network. 

How  did  the  company  get  its  name? 

The  founders  turned  for  inspiration  to  the 
place  that  turned  out  the  “coolest  technical 
gear  on  the  planet”:  the  laboratories  of  Q, 
which  armed  James  Bond  with  the  tools 
and  equipment  he  needed  to  survive  in  a 


hostile  environment. 

Who’s  using  the  product  today? 

Q1  Labs  lists  among  its  customers  Borgess 
Health  Alliance,  Cornell  University  Harvard 
University,  NASA  and  the  U.S.Army. 

Spiceworks 

Founded:  January  2006 

Location:  Austin, Texas 

Management:  CEO  Scott  Abel,  previously 
co-founded  Motive 

Funding:  $5  million  in  Series  A  round  of 
funding  led  by  Austin  Ventures  in  June 
2006.  ^ 

What  does  the  company  offer? 

Spiceworks  IT  Desktop  software,  free  for 
download, manages  networks  with  as  many 
as  250  devices,  providing  inventory  status 
and  monitoring  data  on  network  systems, 
without  requiring  IT  managers  to  distribute 
agents  to  managed  devices. 

Why  is  it  worth  watching? 

The  bulk  of  its  revenue  will  come  from 
the  clickable  ads  featured  in  its  IT  Desktop 
console  program.  Users  get  the  software  for 
free  because  of  the  adware. 

How  did  the  company  get  its  start? 

The  founders  believed  that  existing  tools 
provided  more  than  IT  managers  needed 
to  solve  a  majority  of  their  daily  problems, 
so  they  researched  the  market  and  decided 
to  couple  management  capabilities  with  a 
Web  2.0, communitylike  application. 

How  did  the  company  get  its  name? 

The  founders  viewed  the  network  and  sys- 
tems-management  market  as  an  area  that 
“desperately  needed  spicing  up.” 

Who’s  using  the  product  today? 

About  5,000  users  in  80  countries  have 
downloaded  and  participated  in  a  beta 
testing  program  over  the  summer,  including 
companies  Nanocoolers  and  Pluck. 

Splunk 

Founded:  The  three  founders  joined 
forces  in  October  2002  and  incorporated 
the  company  as  Splunk  in  November  2004. 

Location:  San  Francisco 

Management:  Michael  Baum,  co-founder 
and  chief  executive  splunker,  previously  a 


co-founder  of  Collation,  acquired  by  IBM’s 
Tivoli  software;  Arthas,  acquired  by  Yahoo; 
and  Reality  Online,  acquired  by  Reuters. 

Funding:  $10  million  in  Series  B  funding 
from  JK&B  Capital  and  existing  investors  in 
January  2006;  $5  million  in  Series  A  funding 
from  August  Capital  and  Sevin  Rosen  Funds 
in  December  2004. 

What  does  the  company  offer? 

Splunk  Server  is  software  that  searches 
across  logs,  message  queues,  configuration 
files,  SNMP  traps  and  database  transactions 
to  correlate  events  more 
quickly  that  could  be  related 
to  a  failure  —  and  that  net¬ 
work  managers  would  typi¬ 
cally  have  to  search  manual¬ 
ly 

Why  is  it  worth  watching? 

The  company’s  software 
can  be  used  as  a  complementary  tool  for 
existing  network  and  systems-management 
products.  And  Splunk  was  wise  to  make  an 
open  source  version  available  earlier  this 
year,  further  reducing  the  cost  for  cus¬ 
tomers  adding  it  their  tool  kits. 

How  did  the  company  get  its  start? 

Company  founders  were  frustrated  in 
building  and  managing  data  centers  and 
wanted  to  make  navigating  IT  infrastructure 
“as  easy  as  surfing  the  Web.” 

How  did  the  company  get  its  name? 

The  word  Splunk  is  derived  from  spelunk, 
which  is  a  verb  meaning  to  explore  natural 
caves. 

Who’s  using  the  product  today? 

Splunk  lists  Dow  Jones,  FedEx,  Sony  and 
the  U.S.  Postal  Service  among  its  customers. 

Symphoniq 

Founded:  January  2003 

Location:  Palo  Alto 

Management:  CEO  Hon  Wong,  previously 
co-founder  and  board  member  at  NetlQ. 

Funding:  $8.7  million  from  first  round  of 
funding  in  January  2003;  $8.3  million  from 
second  round  in  June  2006;  major  investors 
in  both  rounds  include  the  founders  and 
Interwest  Partners  and  Greylock. 

What  does  the  company  offer? 

TrueView  software  monitors  application 
performance  from  browser  to  back  end  to 
automatically  detect,  diagnose  and  pin¬ 
point  problems. 

Why  is  it  worth  watching? 

InterWest  Partners’  Bowsher  says,  “Sym¬ 
phoniq  can  get  to  the  root  of  a  problem 
quickly  by  using  automation  and  making 
people  smarter,  and  that  is  critical,  because 
right  now  too  much  effort  is  invested  in 
identifying  problems.” 

How  did  the  company  get  its  start? 

Former  NetlQ  executives,  thinking 
about  solving  performance  problems  with 
Web-based  applications,  started  Sym¬ 
phoniq. 

How  did  the  company  come  up  with  its 
name? 

Part  a  play  on  symphony  based  on  how 
TrueView  orchestrates  the  complex  moving 


parts  of  Web  applications  to  let  them  work 
in  concert,  with  an  IQ  on  the  end  to  pay 
homage  to  the  company’s  NetlQ  roots. 

Who’s  using  the  product  today? 

Symphoniq  lists  Milliman  and  Wallop,  a 
start-up  spun  out  of  Microsoft  IP  Ventures,  as 
its  customers. 

Uplogix 

Founded:  December  2003 

Location:  Austin, Texas 

Management:  CEO  Barry  Cox  was  previ¬ 
ously  with  AlterPoint,  where  he  was  respon¬ 
sible  for  product  design  and  release  man¬ 
agement  of  its  network  device  configura¬ 
tion-management  product. 

Funding:  $7.0  million  round  of  Series  B 
financing  from  Adams  Capital  Manage 
ment  and  returning  support  from  existing 
investors  in  April  2006;  $3.6  million  in  first- 
round  funding  from  Fayez  Sarofim  &  Co. 
and  individual  investors  in  July  2005. 

What  does  the  company  offer? 

The  company’s  family  of  Envoy  and  EMS 
network  management  appliances  enables 
out-of-band  connectivity  —  meaning  if  the 
network  goes  down,  the  devices  can  still  be 
reached  —  to  support  remote  offices,  and 
automates  several  processes  for  diagnostics 
and  recovery  reducing  the  need  to  staff  dis¬ 
tributed  locations. 

Why  is  it  worth  watching? 

“Deploying  staff  to  remote  locations  is 
costly  and  disruptive. The  ROI  of  this  type  of 
technology  will  be  invaluable  as  more  com¬ 
panies  look  to  consolidate  data  centers,” 
says  Dennis  Drogseth  a  vice  president  with 
Enterprise  Management  Associates. 

How  did  the  company  get  its  start? 

The  founders  were  convinced  there  had 
to  be  a  way  to  manage  the  edge  of  the  net¬ 
work  without  relying  solely  on  the  network 
to  do  so. 

How  did  the  company  get  its  name? 

The  name  comes  from  “the  logic  to 
increase  uptime  for  networks.’The  founders 
were  listening  to  Stevie  Ray  Vaughn  on  the 
radio  playing  “Little  Wing,”  a  Jimi  Hendrix 
song,  and  were  inspired  to  end  the  spelling 
of  the  name  with  an  X. 

Who’s  using  the  product  today? 

Uplogix  lists  Prairie  View  A&M  University 
and  RigNet  among  its  customers.  ■ 
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Network  management  event 

Best  practices  and  new  technology  have  made  net¬ 
work  management  hot  —  "the  engine  driving  the 
agile  enterprise."  Where  can  you  learn  and  see 
what's  new?  Attend  a  Network  World  IT  Roadmap 
event  coming  to  San  Francisco.  One  day,  eight 
tracks  and  40  IT  all-stars,  analysts,  vendors  and 
user  case  studies  ready  to  work  for  you. 
www.nwdocrinder.com/5340 


A  Stock  Market  Processing  300  Million  Transactions  a  Day. 
Running  on  Microsoft  SQL  Server  2005. 


NASDAQ,  the  largest  U.S.  electronic  stock  market,  lists  companies 
from  37  countries.  Their  crucial  trading  and  messaging  systems  use 
SQL  Server™  2005  to  handle  up  to  64,000  transactions  per  second 
with  99.999%  uptime.*  See  how  at  microsoft.com/bigdata 
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The  chemistry  of  networking 

Network  plumbing  helps  chemical  manufacturers  streamline  operations. 


BY  PHIL  HGCHMUTH 

hemical  manufacturers  must  oper¬ 
ate  a  serious  network  of  plumbing: 
pipes,  ducts  and  valves  to  process, 
produce  and  transport  millions  of 
gallons  —  and  billions  of  dollars  —  of 
valuable  product. 

These  companies  also  are  expanding 
their  plumbing  when  it  comes  to  network 
transport,  and  the  various  types  of  applica¬ 
tions  they  deliver  over  Ethernet, WANs  and 
wireless  networks.  IP  networks  at  compa¬ 
nies  such  as  Dow  Corning  and  Nova 
Chemical  are  helping  to  push  sales  infor¬ 
mation  to  employees  in  the  field,  central¬ 
ize  plant  and  back-office  data  stores,  and 
even  adjusting  the  heat  or  mixture  of 
complex  processes. 

“When  our  employees 
walk  into  the  [cus¬ 
tomer’s]  office,  they’re 
not  getting  blindsided 
by  questions.” 

Jeff  Duly,  IT  governance  and  enterprise  architect 
specialist  at  Dow  Corning 


Nova  Chemicals  of  Pittsburgh  is  applying 
intelligence  from  its  IP  network  and  data 
center  to  how  it  manages  the  physical 
control  of  the  chemicals  and  pipelines 
that  produce  its  products. 

The  manufacturer  of  plastics  and  chemi¬ 
cals  employs  a  mix  of  technologies  to  con¬ 
trol  the  chemical  production  processes 
throughout  its  factories  in  North  and 
South  America.  Software  from  Pavilion 
Technologies  is  used  in  concert  with 
process-control  hardware  and  software 
from  Honeywell  on  a  centralized  SAP  ERP 
system  platform. 

The  Pavilion8  software  runs  on  a  central 
server  in  Novas  Pittsburgh  data  center, and 
taps  into  the  ERP  and  process-control  sys¬ 
tems  running  there  and  in  the  factories 
across  the  Western  hemisphere  via  the  cor¬ 
porate  WAN  (a  mix  of  frame  relay  and  IP 
VPN  links).  Pavilion  provides  predictive 
process-control  management  by  analyzing 
an  array  of  factors,  such  as  what  products 
were  scheduled  to  be  made  in  certain 
locations,  what  resources  were  used  to 
produce  the  products  how  these  re¬ 
sources  were  used;  and  what  the  outcome 


was  in  terms  of  production  quality  and 
quantity  (and  potential  revenue). 

Predicting  capacity 

“Based  on  all  the  data  it  has  available, 
Pavilion  knows  what  you’re  trying  to 
make,”  says  John  Wheeler,  CIO  for  Nova 
Chemicals,  who  recently  announced  his 
retirement  from  the  company  “It  can  pre¬ 
dict  the  capacity  of  the  reactor  and  moni¬ 
tor  the  process  as  it  happens.” 

In  addition  to  monitoring  all  these  fac¬ 
tors,  the  Pavilion  software  can  take  action 
to  control  these  various  processes  in  order 
to  reach  the  planned  production  out¬ 
come.  If  too  much  heat  is  detected  during 
a  production  process,  or  an  irregular  mix¬ 
ture  of  chemicals  occurs,  the  software  can 
notify  plant  engineers  or  even  perform 
automatic  actions,  such  as  lowering  tem¬ 
perature  or  valve  controls  in  the  factories, 
Wheeler  says. 

This  tight  integration  of  physical  and  soft¬ 
ware  controls  makes  factories  more  effi¬ 
cient  and  profitable,  Wheeler  adds.  In  plas¬ 
tics  production,  product  that  is  made  on 
specification  can  be  sold  at  a  higher  price 
than  “off-spec”  material,  which  might  be 
sold  to  a  garbage  bag  manufacturer 
instead  of  a  medical  supply  maker. 

The  plant/software  integration  “allows  us 
to  make  more  on-spec  products  and  lets  us 
be  more  productive,”  Wheeler  says.  “If  I  can 
take  a  plant  that  is  a  multimillion  asset  and 
produce  more  on-spec  product,  it  can 
mean  millions  of  dollars  to  the  bottom 
line.”  (For  competitive  reasons,  Wheeler 
says,  he  cannot  state  how  much  the  com¬ 
pany  is  saving  or  the  revenue  generated  at 
its  plants  because  of  the  Pavilion  software.) 

Gathering  important  data 

Another  manufacturer  with  a  similarly 
integrated  plant/data  center  operation  is 
experimenting  with  technology  for  pulling 
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Mobility  event 

Enterprise  Mobility  is  one  of  eight  fast  tracks  at  the 
IT  Roadmap  event  coming  to  San  Francisco.  40  IT 
all  stars,  analysts,  and  vendors  offering  new  tech¬ 
nology  and  best  practices. 

www.nwdocfinder.com/5340 


Network  chemistry  101 

Chemical  manufacturers  are  employing  a  variety  of  IT  and  network  tools  to 
solve  production  and  customer-service  problems. 


Challenge 

Strategy 

Managing  complex  chemical  processes  at  remote 
factory  sites.  Chemical  manufacturers  such  as  Nova 
Chemicals  must  manage  operations  at  plants 
throughout  North  and  South  America. 

Software  from  makers  such  as  Pavilion  consolidate 
chemical-processing  monitoring  with  network-based 
command-and-control,  letting  servers  in  a  data 
center  anticipate  errors  in  a  factory  and  correct 
the  problem. 

Tapping  valuable  customer  data  and  supply-chain 
information  and  making  it  useful  to  workers  in  the 
field. 

Dow  Corning  is  Web-enabling  its  centralized  SAP 
application,  which  includes  product,  sales,  inventory 
and  logistics  data  from  45  manufacturing  and 
warehouse  locations  worldwide.  Sales  staff  can  tap 
into  this  data  trove  via  RIM  BlackBerry  devices, 
which  access  back-end  systems  via  a  built-in  Web 
browser. 

valuable  data  out  of  its  systems  and 
putting  it  into  the  hands  of  its  salespeople. 

Dow  Corning,  the  silicone  production 
venture  between  Dow  Chemical  and 
Corning,  is  extracting  data  from  its  central¬ 
ized  SAP  system  and  putting  it  in  the 
hands  of  salespeople  with  BlackBerries. 
With  a  single  worldwide  instance  of  SAP 
running  in  its  Midland,  Mich.,  data  center, 
access  to  almost  any  data  on  production, 
supply  chain,  customer  relations,  sales 
databases  or  other  records  is  accessible 
through  a  Web  browser. 

Putting  customer  data  in  the  hands  of 
the  employees  who  are  in  direct  contact 
with  that  customer  can  answer  questions 
with  hard  data  —  what  products  are  avail¬ 
able,  when  they  were  ordered  and  delivery 
time. 

“Being  able  to  answer  [specific]  ques¬ 
tions  right  there  on  the  spot  has  been 
great,” says  Jeff  Duly  an  IT  governance  and 
enterprise  architecture  specialist  at  Dow 
Corning. 

The  integrated  BlackBerry  also  takes 
questions  or  complaints  customers  may 
have  made  through  one  channel  —  such 
as  phone  or  e-mail  —  and  ties  them  to  the 
face  showing  up  at  the  front  door,  Duly 
says. 

“When  our  employees  walk  into  the 
[customer’s]  office,  they’re  not  getting 
blindsided  by  questions,”  he  says.  “There’s 
no  more  ‘why  doesn’t  our  salesperson 
know  about  this?’” 

While  putting  this  data  in  the  hands  of 
salespeople  impresses  Dow  Corning  em¬ 


ployees  and  customers,  most  of  the  heavy 
lifting  and  integration  for  this  technology 
were  completed  several  years  ago,  when 
Dow  Corning  consolidated  multiple  SAP 
ERP  applications  into  a  single  instance. 
The  SAP  NetWeaver  product  was  used  to 
Web-enable  all  data  that  can  be  accessed 
by  SAP’s  standard  thick  client. 

“We’ve  just  started  to  recognize  over  the 
last  year  or  so  . . .  how  easy  it  is  to  get  this 
data,”  Duly  says.  “Our  back-end  SAP  sys¬ 
tems  are  all  Web-enabled  now,  and  we’ve 
already  got  the  BlackBerries  in  the  sales- 
peoples’  hands.To  connect  the  two  is  pret¬ 
ty  easy;  we  already  know  how  to  write 
online  Web  applications  —  there’s  just  a 
little  different  flavor  for  the  BlackBerry’ 
And  he  adds  jokingly“I  don’t  like  people  to 
know  how  easy  it  is,  because  then  it  does¬ 
n’t  look  like  I’m  doing  anything.”  ■ 

Networks  that  make  it 

See  how  manufacturers  in  other 
industries  are  deploying  a  wide  range 
of  IT  and  network  technology  to  cut 
costs  and  improve  productivity. 

•  Boeing  deploys  WLAN  location  tracking  to 
speed  up  airplane  production. 

www.nwdocfinder.com/5554 

•  Wireless  enables  assembly  lines. 

www.nwdocfinder.com/5555 

•  Parts  manufacturer  automates  CAD  systems 
with  XML  www.nwdocfinder.com/5556 
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What’s  next 
for  color 
starts  with 
what’s  next 
from  Canon. 
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finally.  A  digital  press  innovative 
enough  to  come  from  Canon. 


It’s  what’s  next  for  color. 


“•  V  J-  —U 


www.usa.canon.com/isg/whatsncxtforcolor  1-800-OK-CANON 


It’s  what’s  next  for 
color  in  the  workplace 


Introducing  the  Canon  Color  imageRUNNER  Series  with 
groundbreaking  imageCHIP  technology. 


Innovators  never  stop.  They  never  leave  well  enough  alone.  That’s  why  we  took  the  industry¬ 
leading  Canon  Color  imageRUNNER"  Series,  and  vastly  improved  it  with  our  exclusive 
imageCHIP  system  architecture.  Our  new  imageCHIP  technology  not  only  enables  you  to 
print,  scan  and  fax  simultaneously  without  bottlenecks  in  productivity,  but  it  will  change  the  way 


you  think  about  using  color  in  the  office.  With  more  speed  and  power  for  greater  performance,  the  Canon  Color 


imageRUNNER  Series  will  deliver  the  future  of  color  in  the  workplace  today.  And  all  with  the  color  quality 


you’ve  come  to  expect  from  Canon.  The  new  Canon  Color  imageRUNNER  Series.  It’s  what’s  next  for  color. 


www.usa.canon.com/isg/whatsnextforcolor  1-800-OK-CANON 
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.'s  what’s  next 
I  graphics  color. 


Introducing  the  Canon  imagePRESS  Cl  with  Canon  V  Toner  for 


;  unprecedented  and  consistent  image  quality. 


There’s  big  news  for  those  of  you  in  Graphic  Design,  Proofing  and  Print-for-Profit:  the  new 
Canon  imagePRESS™  brand  is  here,  and  it  will  transform  the  way  you  work.  Let’s  start 
with  Canon’s  exclusive  V  Toner.  This  small-sized  toner,  with  an  average  particle  size  of 


5.5  microns,  offers  one  of  the  largest  color  gamuts  in  the  industry.  The  imagePRESS  Cl 
also  happens  to  be  ideal  for  applications  that  require  precise  details— razor  sharp  text  and  lines,  and 
smoother  gradations  for  both  images  and  graphics.  But  there’s  much  more.  You  can  also  expect  image 
quality  that’s  comparable  to  offset,  with  color  proofing  accuracy  and  the  ability  to  maintain  high 
quality,  even  on  heavier  paper  stock.  The  new  Canon  imagePRESS  Cl.  It’s  what’s  next  for  color. 


It’s  what's  next 
for  large-format  color 


Introducing  the  Canon  imagePROGRAF  iPF9000  12-ink  tank  system. 


Presenting  the  new  Canon  Graphic  Arts  line  of  imagePROGRAF"  Printers  with  its  new, 
exclusive  pigment  ink  called  LUCIA™.  With  12  ink  tanks,  the  17"  iPF5000,  44"  iPF8000 
and  the  60"  iPF9000  give  you  the  color  gamut  that  goes  beyond  what  was  possible  with 
traditional  8-color  printing.  The  LUCIA  ink  also  provides  the  ability  to  archive  your  fine  art  and 
photographic  output.  There’s  also  Canon’s  exclusive  L-COA  controller  chip,  which  intelligently 
performs  multiple  tasks,  giving  you  advanced  image  processing  with  remarkably  high  accuracy, 
resulting  in  rapid  print  speed.  L-COA  technology  is  also  present  in  the  new  Corporate  and  CAD 
line  of  imagePROGRAF  Printers.  The  Canon  imagePROGRAF  Large-Format  Printers. 

It’s  what’s  next  for  color.  -  ;  v; 
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Canon 

imageANYWARE 


>r  countries.  IMAGEANVWARE  is  a  trademark  of  Canon.  ©2006  Canon  U.S.A.,  Inc.  Ail  rights  reserved. 


protects  what’s  next  for  color. 
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Always  use  Canon  Genuine  Color  Toner,  Parts  and  Supplies. 


•  Here's  the  best  way  to  get  great  looking  color  output  and  optimum  performance  from  all  your  Canon 

_ _  _  _ ■ .  '  ■ 

solutions.  Canon’s  experience  in  the  color  industry  is  unparalleled,  so  it’s  only  fitting  that  our  Genuine 
Toner  should  be  your  first  choice  in  protecting  your  investment.  This  is  best  demonstrated  by  the 
result  of  20  years  of  research  and  development  for  Canon’s  S  Toner,  which  is  still  the  premier 
polymerized  color  toner  in  the  world.  Both  S  Toner  and  our  new  V  Toner  provide  remarkably  rich  color 
reproduction  and  consistent  quality  output,  giving  you  the  reliability  you  expect  from  Canon.  So,  keep 
your  investment  up  and  running,  and  don’t  settle  for  color  that’s  anything  less  than  genuinely  Canon. 
Canon  Genuine  Color  Toner,  Parts  and  Supplies.  It’s  what’s  next  for  color. 
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TECHHOUIfiY  UPDATE 

S§  AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


Wideband  audio  boosts  VoIP  quality 


HOW  IT  WORKS:  WIDEBAND  VOICE  CODEC 

Wideband  voice  codecs  double  the  frequencies  that  are  encoded  by  narrowband 
codecs,  providing  a  truer  representation  of  speech. 


Narrowband 


Wideband  i 


•••• 

•••• 

•••• 


Narrowband 

Individual  speaks  into  VoIP  phone  configured  for  G.729  (narrowband  voice  codec). 


B  G.729  codec  samples  and  encodes  voice  at  8KHz. _ 

B  Voice  is  transmitted  across  IP  network  at  29.6Kbps  (including  headers). 

□  G.729  packet  is  decoded  at  receiving  end,  with  significant  loss  in  original  audio  fidelity. 

Wideband 

□  Individual  speaks  into  VoIP  phone  configured  for  G.722.2  (wideband  voice  codec). 

B  G.722.2  codec  samples  and  encodes  voice  at  16KHz. 

B  Voice  is  transmitted  across  IP  network  at  between  28.2K  and  45.45Kbps  (including  headers). 

□  G.722.2  packet  is  decoded  at  the  receiving  end  with  over  twice  the  original  frequency  spectrum  as 
the  G.729  narrowband  codec,  resulting  in  significantly  improved  audio  fidelity. 


BY  MICHAEL  WARD 

Companies  have  rapidly  deployed  VoIP 
technology  to  reduce  operational  costs 
and  increase  productivity  by  integrating 
telecom  services  with  other  enterprise 
workflows.  However,  the  codecs  most 
widely  used  today  that  let  speech  be 
transmitted  over  IP  data  networks  do  not 
reproduce  speech  faithfully  for  a  variety 
of  dialects. 

Typical  human  speech,  while  consisting 
of  a  wide  range  of  frequencies,  is  very  well 
reproduced  by  sampling  frequencies  up  to 
lOKHz.  Unfortunately,  most  VoIP  codecs 
capture  well  under  a  half  of  this  frequency 
spectrum.  The  G.729  voice  codec,  one  of 
the  most  common  codecs  used  in  VoIP  sys¬ 
tems,  is  a  narrowband  codec  that  samples 
across  a  frequency  range  from  approxi¬ 
mately  200Hz  to  just  under  4KHz.As  a  result 
much  of  the  frequency  spectrum  of  typical 
human  voice  is  not  captured. 

To  minimize  the  amount  of  data  required 
to  encode  the  sampled  speech  to  limit  the 
requirements  of  network  bandwidth  as 
much  as  possible,  algorithms  such  as  G.729 
use  a  variety  of  encoding  techniques  that 
make  certain  assumptions  about  speech. 

In  many  cases  these  assumptions  have 
been  made  based  on  a  hypothetical 
Western  male  voice.  These  predictive 
encoding  techniques  coupled  with  the  lim¬ 
ited  frequency  sampling  result  in  a  voice 
codec  that  poorly  recreates  Asian  speakers 
because  of  the  higher  frequency  content  of 
many  Asian  dialects.  These  narrowband 
codecs  also  do  a  poor  job  in  the  transmis¬ 
sion  and  encoding  of  music. 

In  an  attempt  to  solve  these  problems, 


other  codecs  were  defined  that  double  the 
audio-frequency  spectrum  encoded.  Wide¬ 
band  codecs  sample  frequencies  up  to 
8KHz.  By  doubling  the  frequencies  that  are 
encoded,  a  truer  representation  of  the 
speed  or  audio  can  be  encoded  and  recre¬ 
ated  on  the  remote  end.  As  most  speech 
can  be  represented  with  only  lOKHz  of  fre¬ 
quency  these  wideband  codecs  are  able  to 
more  faithfully  reproduce  the  original 


speech  than  narrow  band  codecs.  Music 
transmission  also  becomes  possible  using 
wideband  codecs. 

The  G722.2,  or  Wideband  Audio  Modem 
Riser,  wideband  codec  was  defined  ini¬ 
tially  by  the  European  Telecommunica¬ 
tions  Standards  Institute/Third  Generation 
Partnership  Project  as  Wideband  AMR  for 
use  in  cellular  and  mobile  applications, 
and  then  ratified  by  the  International  Tele¬ 


communication  Standardization  Sector 
as  G.722.2  for  use  in  VoIP  and  other  appli¬ 
cations.  G.722.2  supports  nine  bit  rates 
from  6.6K  to  23.85Kbps.  Bit  rates  as  low  as 
12.65Kbps  still  can  deliver  acceptable 
voice  quality. 

Real  vs.  perceived  difference 

G.729  requires  only  8Kbps  to  encode 
voice,  but  this  is  before  any  additional 
data  for  Real-time  Transport  Protocol 
(RTP),  User  Datagram  Protocol  (UDP) 
and  IP  packet  headers.  When  taking  the 
RTP  UDP  and  IP  packet  headers  into 
account,  G.729  requires  29.6Kbps  of  effec¬ 
tive  network  bandwidth  and  G.722.2  re¬ 
quires  28.2K  to  45.45Kbps,  depending  on 
the  rate  used. With  the  largest  G.722.2  data 
rate,  just  over  50%  of  network  bandwidth 
is  required  to  achieve  twice  the  transmit¬ 
ted  frequency,  and  the  associated  audio 
fidelity  benefits. 

To  deliver  the  superior  audio  quality  of 
wideband  codecs,  the  algorithms  used  to 
implement  these  codecs  typically  are 
more  computationally  intensive  and  thus 
require  more  processing  capacity  for  the 
VoIP  endpoints. 

As  such,  many  existing  VoIP  devices  may 
not  be  capable  of  supporting  wideband 
codecs.  Fortunately  as  processor  capacity 
continues  to  increase,  the  benefits  of 
wideband  VoIP  are  becoming  an  option 
in  an  increasing  number  of  devices  at 
lower  prices. 

Ward,  director  of  product  line  management 
at  Trinity  Convergence ,  can  be  reached  at 
mward@trinityconvergence.com. 


Ask  Dr.  Internet 


By  Steve  Blass 


Can  you  recommend  any  open  source  network¬ 
monitoring  programs? 

Try  Nagios  (www.nagios.org),  an  open  source  net¬ 
work-monitoring  application  that  runs  on  Linux  and 
other  Unix-based  systems,  and  which  has  a  large  user 
base  and  active  online  community.  Nagios  is  included 
with  the  operating  system  in  several  Linux  distribu¬ 
tions,  as  well  as  with  OpenBSD,  so  you  may  already 
have  a  copy. 

You  can  download  the  latest  version  and  the  required 


plug-ins  from  the  download  section  of  the  Nagios  Web 
site.  It  takes  some  time  and  effort  to  configure,  build, 
install  and  set  up  Nagios,  so  reviewing  the  documenta¬ 
tion  before  you  start  is  recommended.  Instructions  are 
included  with  the  distribution  download,  also  available 
online  at  the  Nagios  site. 

Nagios  runs  best  using  an  Apache  Web  server,  and 
requires  the  GD  Graphics  Library,  available  at 
www.boutell.com.You  will  need  a  working  C  compiler  to 
build  the  software. 

Follow  the  instructions  for  creating  a  Nagios  user  and 


group  and  the  required  command  file  group,  and  identi¬ 
fy  the  Apache  user  before  you  launch  the  Nagios  con¬ 
figure  script.  After  running  configure  and  issuing  the 
make-all  and  make-install  commands,  install  the  Nagios 
plug-ins,  modify  your  Apache  configuration,  and  define 
the  items  you  want  Nagios  to  monitor.  In  the  end  you’ll 
have  an  outstanding  network-monitoring  system  that  is 
well  worth  the  installation  effort. 

Blass  is  an  IT  manager  in  Phoenix.  He  can  be  reached 
at  dr.internet@jschnee.com. 
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.INFRASTRUCTURE  LOG 

_DAY  45:  These  underutilized  storage  boxes  have  proliferated 
exponentially.  Their  inability  to  share  capacity  has 
doomed  us.  We’re  trapped  in  a  maze  of  our  own  creation. 

_DAY  47:  I  tried  to  give  Gil  a  boost  over  this  wall,  but 
he  pulled  a  hammie. 

_DAY  48:  I’ve  taken  back  control  with  IBM  System  Storage™ 
SAN  Volume  Controller.  It  puts  my  entire  storage  universe 
into  a  simple,  virtualized  pool.  And,  unlike  EMC,  IBM  has 
fourth-generation  virtualization  technology  and  over  2,000 
customers.  I  am  seeing  results. 

.Productivity  is  up.  Utilization  is  up.  I.T.  guys  lost  in 
mazes  of  data  is  down. 


IBM.COM/TAKEBACKCONTROL/STORAGE 


^t-'a^i^Si^herd  of  resources. 
VrThe^rfttgjleader  of  processes. 

.  The  conductor  of  an  inventory 
"*tn  transit  across  three  continents 
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World  According  To  Stephen 

Networking  from  AT&T  enables  converged  communications  across 

^^tOcations  worldwide.  By  proactively  identifying  changes  in  traffic  volume  and 

S^f^ponding  in  real  time,  Stephen's  network  can  move  resources  more  efficiently, 
'■ 

HP  ahd  securely.  Learn  how  Dynamic  Networking  can  enable  your  business. 


The  new 


M^Mpy^rking 


Your  world.  Delivered. 
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Serving  up  files  and  text 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


Reader  Stuart  Douglas  dropped  us 
a  note  as  a  follow-up  to  our  recent 
Gearhead  article  (see  www.nwdoc 
finder.com/5543)  on  FileZilla,  a  free, 
open  source  FTP  client. 

“If  you  like  their  client,  check  out 
their  server^’  Stuart  suggested.  “We’re 
an  MS  shop  but  IIS  doesn’t  provide 
the  mixed  user  setup  and  granularity 
we  needed  in  our  FTP  servers. 
FileZilla  does  it  all,  in  spades.” 

FileZilla  Server  (www.nwdoc 
finder.com/5539)  is  an  excellent 
free,  open  source, Windows  FTP  server  implementation 
with  a  small  multithreaded  engine  (a  2.4MB  down¬ 
load,  and  it  uses  just  less  than  3MB  of  RAM)  that  is  fast 
and  robust. 

You  can  install  FileZilla  Server  as  a  service  under  Win¬ 
dows  NT4,2000  and  XP  or  run  it  as  an  application  with  or 
without  automatic  start.  You  also  can  select  which  port 
should  be  used  for  administration  (the  default  is  14147) 
and  whether  the  server  starts  for  all  users  or  just  for  the  first 
one  who  logs  on. 

Once  installed  and  started  you  can  launch  the  adminis¬ 
trator’s  interface  from  the  Windows  system  tray  and  config¬ 
ure  the  server. There’s  a  lot  to  set  up,  including  the  welcome 
message,  local  IP  address  bindings  and  remote  IP  address 
filters,  and  passive  mode  settings. 

FileZilla  Server  supports  anonymous  as  well  as  named 


users  (with  MD5  encrypted  password  storage)  and  groups. 
Group  membership  provides  access  to  the  group’s 
assigned  subdirectories  and  to  whatever  the  users  have 
been  directly  assigned.There’s  also  support  for  antihacking 
features  and  a  no-transfer  timeout  to  kick  idle  users  off  if 
they  are  using  a  basic  “keep  alive”  system. 

The  FileZilla  Server  console  displays  all  client  activity, 

KeyText  can  use  regular 
expression  matching  as  well  as 
if-then-else  clauses. 

which  can  be  optionally  logged  to  a  single  file  or  multi¬ 
ple  daily  files. 

FileZilla  Server  installation  doesn’t  include  any  docu¬ 
mentation  so  you’ll  need  to  know  about  the  project’s  sup¬ 
port  wiki  (www.nwdocfinder.com/5540),  which  seems  to 
be  having  problems  as  of  this  writing. 

Another  utility  we  have  become  taken  with  improves  on 
an  old  idea:  keyboard  macros.  KeyText  (www.nwdocfind 
er.com/5541)  from  MJMSoft  Design  Limited  can  detect 
trigger  text,  so  you  can  define  abbreviations  that  are 
dynamically  replaced  by  text  as  well  as  respond  to  hot¬ 
key  sequences. 

The  abilities  of  KeyText  go  way  beyond  simple  text  sub¬ 
stitutions.  For  example,  there’s  a  feature  that  MJMSoft  calls 
Advanced  Smart  Select  that  takes  selected  text  and 
changes  the  output  according  to  rules  you  specify  That 


means  you  can  set  up  a  macro  triggered  by  a  hot-key 
sequence  so  when  you  select  an  e-mail  address  in  any 
application  and  press  the  hot  key  your  e-mail  client  will 
start  and  new  mail  to  that  address  will  be  created,  but  if  you 
select  a  ZIP  code  your  browser  is  launched  and  you  are 
taken  to  Google  Maps. 

The  reason  this  tool  is  so  powerful  is  that  KeyText  can  use 
regular  expression  matching  as  well  as  if-then-else  clauses. 
There  also  are  string  constants  (MJMSoft  calls  them  vari¬ 
ables)  for  storing  frequently  used  text  that  are  accessible 
from  all  macros  (they  can  be  shared  by  multiple  network 
users  as  they  are  stored  in  a  file),  string  variables  for 
dynamic  data,  and  integer  variables  that  can  store  values 
from  across  multiple  sessions  (useful  for  sequential  num¬ 
bering  needs, such  as  file  naming). 

Not  only  can  the  contents  of  the  clipboard  or  the  cur¬ 
rently  selected  text  be  used  for  decision  making, so  can  the 
current  window  title,  current  process  name,  variable  values 
or  even  the  color  of  a  pixel. 

KeyText  is  remarkably  powerful  (see  the  product  home 
page  for  a  more  complete  feature  list)  and  that’s  its  one 
downside:  it  is  pretty  complicated  so  there’s  a  lot  to  learn. 
That  said,  if  you  are  writing  code  this  could  be  a  great  pro¬ 
ductivity  aid,  and  if  you  are  looking  for  a  way  to  achieve 
complex  user  interface  automation  KeyText  could  be  a 
good  bet.  At  $29.95  it  also  won’t  break  the  piggy  bank. 

Write  efficiently  and  transfer  to  gearhead@gibbs.com  or 
Gibbsblog. 


CoolTools 


Quick  takes  on  high-tech  toys.  Keith  Shaw 

The  scoop:  BlackBerry  Ftearl  (model  8100),  with  T-Mobile  service,  by 
A  Research  in  Motion, about  $200  (after  rebates  and  two-year  agreement). 

What  it  is:  The  latest  wireless  e-mail  device  from  RIM,  the 
BlackBerry  Pearl  is  compact, shiny  and  full  of  features  you  didn’t  expect.This  isn’t 
your  CEO’s  BlackBerry  —  although  the  CEO  might  want  one  after  trying  it  out.  In 
addition  to  the  standard  wireless  e-mail  features,  the  Pearl  includes  a  1 .3-megapixel 
digital  camera,  music  player  application  and  quad-band  phone  support,  which  lets 
users  connect  worldwide  via  T-Mobile’s  GSM/GPRS  networks. 

The  device  lets  users  combine  as  many  as  10  personal  and  work  e-mail 
addresses,  and  includes  a  Web  browser  and  Bluetooth  2.0  support  for  hands-free 
headsets.The  3.1-ounce  BlackBerry  Pearl  offers  as  much  as  3.5  hours  of  talk  time 
and  as  many  as  15  days  of  standby  time. 

Why  it’s  cool:  The  addition  of  the  digital  camera  and  music  player  brings  this 
into  the  world  of  converged  devices.The  camera  was  good  enough  for  photos,  but 
I  prefer  the  resolution  on  my  LG  Chocolate  phone. 

Sending  picture  messages,  however,  was  much  easier  because  of  the  TrueType 
keypad  on  the  Pearl.  For  IT  groups  concerned  about  the  camera  phone,  RIM  says 
an  IT  policy  can  let  administrators  disable  the  camera  via  the  BlackBerry 
Enterprise  Server  (Version  4.1  SP2).This  policy, as  well  as  others, can  be  applied  to 
individuals, groups  or  across  the  entire  BlackBerry  deployment,  the  company  says. 

I  also  was  impressed  by  the  size  of  the  Pearl;  it  was  much  smaller  than  a  stan¬ 
dard  BlackBerry. 

The  TrueType  keypad  includes  two  letters  on  each  key,  which  puts  the  device 
between  the  full  qwerty-style  keypad  (one  key  for  each  letter)  on  regular 
BlackBerry  devices  and  the  standard  three  letters  on  each  key  of  a  cell  phone. 
Still,  the  TrueType  software  excels.  If  you  don’t  look  at  the  screen  when  typing  a 
note,  the  system  selects  the  correct  word  by  the  time  you  finish  typing  —  it’s  very 


accurate  and  amazing  to  watch.  Typing  non¬ 
words,  such  as  e-mail  addresses  and  acro¬ 
nyms,  wasn’t  as  smooth. 

Another  difference  is  the  lack  of  the  scroll 
wheel  navigation  on  the  right  side  of  the 
device.  Instead,  there’s  a  trackball  in  the  cen¬ 
ter  that  lets  you  navigate  between  menu  items 
with  your  thumb. 

Some  caveats:  If  you  are  switching  from  a 
regular  BlackBerry  to  this  one,  the  trackball 
navigation  may  bother  you.  In  addition,  the 
keys  are  closer  together,  causing  typing  diffi¬ 
culties  for  those  with  big  fingers  (or  fat 
thumbs).  The  navigation  and  keys  are 
designed  for  one-handed  typing  and  naviga¬ 
tion, so  people  accustomed  to  the  two-thumb 
typing  on  an  older  BlackBerry  may  not  enjoy 
this  method  of  typing  (on  longer  messages  1 
reverted  to  two-handed  typing).  One  other 
minor  quibble  —  the  keyboard  lock  is  awk¬ 
ward.  You  have  to  go  to  the  menu  to  lock  it, 
then  press  a  two-button  combination  to 
unlock  the  keypad.  Before  1  figured  this  out,  1 
inadvertently  made  several  phone  calls  to  my 
brother  while  the  device  was  stored  in  my 
pocket  or  bag. 

Grade:  ★★★★  (out  of  five). 


'96s 


A  digital  camera  is  included  on  the 
BlackBerry  Pearl,  but  IT  can  disable 
this  feature. 


Shaw  can  be  reached  at  kshaw@nww.com.  New  Cool  Tools  Video  Shows  every 
Thursday,  and  you  can  hear  Keith  every  Friday  as  part  of  the  Twisted  Pair  podcast 
( tech  week  in  review)  at  www.networkworld.com. 


42  »  www  ri8twnrkworid.com  *  10.S.06 


Yes 

By  George  Kurian, 
Cisco 


Does  application  acceleration  belong 
in  the  network  infrastructure? 

Two  industry  insiders  debate  approaches  for  speeding  WAN  traffic. 

No 

By  Alagu  Periyannan, 

Blue  Coat  Systems 


Acceleration  can  be  implemented  in  three  places:  on  the  server, at  the  desktop 
or  in  the  network.  With  accelerators  on  the  servers,  each  server  is  ignorant  of 
the  WAN  capacity  available  in  real  time  that  can  be  used  to  accelerate  appli¬ 
cation  delivery  to  users.  Because  the  WAN  is  shared  with  other  servers  and  applica¬ 
tions,  server-based  acceleration  can  be  suboptimal  at  best.  In  addition,  the  load  on 
servers  from  doing  application  acceleration  simultaneously  with  computation  makes 
this  approach  less  attractive.  Acceleration  at  the  desktop  has  some  of  the  same  weak¬ 
nesses  as  server-based  acceleration.  Furthermore,  application-acceleration  tech¬ 
niques  benefit  from  the  fact  that  multiple  users  in  a  location  typically  access  the 
same  data.These  benefits  are  lost  when  each  desktop  tries  to  accelerate  its  own  data. 

By  deploying  acceleration  at  the  network  level,  organizations  can  optimize  perfor¬ 
mance  equitably  by  distributing  intelligence  across  the  entire  infrastructure.  But  an 
application-acceleration  product  that  is  merely  bolted  onto  the  network  rather  than 
built  into  it  could  undermine  the  networks  health  and  efficiency  and  the  business 
processes  that  run  on  it.  When  looking  to  enhance  performance,  always  heed  the  old 
adage:  First,  do  no  harm. 

To  avoid  that  harm,  the  acceleration  product  should  be  logically  integrated  into  the 
network  infrastructure  transparently  —  in  such  a  way  that  critical  services  and  functions 
aren't  disrupted  or  disabled, and  IT  intervention  is  kept  to  a  minimum.The  biggest  prob¬ 
lem  with  nontransparent  application-acceleration  products  is  that  they  force  a  compa¬ 
ny  to  overlay  a  second  network  on  top  of  the  existing  network.This  not  only  adds  unnec¬ 
essary  complexity  but  also  can  interfere  with  carefully  crafted  routing  designs  and  the 
ability  to  discover  and  monitor  network  devices.  Because  an  overlay  acceleration  net¬ 
work  focuses  on  controlling  the  direction  of  application  packet  flows,  it  could  crip¬ 
ple  the  existing  network’s  power  to  choose  the  fastest  paths  for  all  the  traffic  flowing 
between  nodes. 

An  accelerator  solution  that’s  an  integral,  transparent  part  of  the  network  infra- 
stnicture  will  preserve  critical  header  information  and  not  cause  problems  for  exist¬ 
ing  services.  Autodiscovery  of  all  the  accelerators  makes  it  possible  to  negotiate  and 
apply  an  optimization  policy  to  the  application  flow  without  disrupt¬ 
ing  the  underlying  routing  network.  Intermediate  accelerators  along 
the  path  can  go  into  pass-through  mode,  allowing  the  accelerators 
closest  to  the  communicating  nodes  to  facilitate  the  flow  optimiza- 
tion.You  can’t  do  any  of  that  if  an  overlay  network  is  in  the  way. 

if  your  firm  is  considering  an  accelerator  solution  that  isn’t  infra- 
stna  turn-transparent  and  requires  an  overlay  network,  conduct  a 
<h‘  iough  preinstallation  analysis  to  make  sure  the  new  acceleration 
scheme  doesn't  have  a  debilitating  effect  on  your  well-tuned  services 
arid  features  Remember:  When  trying  to  do  good,  first  do  no  harm. 

K<incn  is  nice  president  and  general  manager  of  Cisco’s  Application 
l  W?.v<  ry  Business  Unit.  He  can  be  reached  at  gkurian@cisco.com. 


While  application  acceleration  belongs  in  the  network  rack, it  doesn’t  belong 
in  packet-delivery  devices,  such  as  routers  and  firewalls,  but  rather  in  a  new 
class  of  products  focused  on  application  delivery 
Network  vendors  have  focused  on  elements  such  as  IP  addresses  and  TCP  ports  to 
provide  a  high-performance,  secure  packet-delivery  infrastructure.  But  to  ensure 
application-level  performance  and  security,  application  delivery  needs  to  focus  on  a 
different  set  of  key  elements  —  the  users  (who  they  are  and  their  role),  the  applica¬ 
tion  and  the  nature  of  their  interaction  (the  session).  For  the  future, application  deliv¬ 
ery  will  leverage,  but  remain  separate  from,  packet  delivery  because  of  these  differ¬ 
ences  in  requirements  and  focus.  It’s  like  refrigerators  and  ovens  —  just  because 
they’re  collocated  doesn’t  mean  they  should  be  integrated. 

Most  application-performance  problems  occur  because  of  inefficiencies  and  limi¬ 
tations  within  applications  —  not  because  of  issues  with  TCP/IP  Application-perfor¬ 
mance  problems  stem  mainly  from  chatty,  WAN-inefficient  application  protocols 
stretched  over  long  distances,  and  they  cause  long  user  wait  time  (latency). 
Application-specific  optimizations  are  the  only  way  to  significantly  reduce  latency 
These  protocol  optimizations, as  well  as  a  comprehensive  set  of  bandwidth-reduction 
capabilities  and  business-relevant  application  prioritization  are  possible  only 
through  understanding  the  user,  application  and  session.  Packet-delivery  infrastruc¬ 
ture  understands  none  of  these  things.  An  application-delivery  infrastructure  has  to. 

The  evolution  of  enterprise  applications  and  networks  are  clarifying  the  differences 
between  packet  delivery  and  application  delivery  —  and  highlighting  the  need  for 
separate  infrastructures. 

Applications  are  evolving.  SSL-encrypted  applications  comprise  a  rapidly  growing 
20%  to  30%  of  enterprise  traffic.  Any  enterprise  application-delivery  solution  must  be 
able  to  accelerate  internally  or  externally  hosted  SSL  applications  securely.  Packet- 
level  devices  are,  by  design,  blind  to  SSL  traffic. 

Networks  also  are  evolving.  Gartner’s  Mark  Fabbi  has  predicted  that  50%  of  enter¬ 
prises  will  connect  branch  offices  directly  to  the  Internet  by  2009,  requiring  Internet 
gateway-style  controls  at  remote  sites.  While  packet-delivery  devices 
are  a  key  part  of  the  enterprise  Internet  gateway  application-delivery 
devices  must  make  decisions  where  knowledge  of  the  user,  applica¬ 
tion  and  session  is  required. 

Most  organizations  recognize  the  different  focuses  of  packet  deliv¬ 
ery  and  application  delivery  and  demand  integration  of  performance 
and  security  at  the  packet  level  and  separate  but  similar  integration  at 
the  application  layer  —  performance  and  security  in  a  single  device. 
Just  as  kitchens  don’t  have  “refrigerovens,”  packet-delivery  and  appli¬ 
cation-delivery  infrastructures  will  remain  separate. 

Periyannan  is  CTO  of  Blue  Coat  Systems.  He  can  be  reached  at 
alagu.periyannan@bluecoat.com. 
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Quick,  take  a  snapshot.  Suddenly  part  of  your  IT 
infrastructure  is  inaccessible.  What  happens  to 
your  business? 

SunGard’s  advanced  recovery  solutions  help  get 
you  back  up  and  running.  Fast.  We  provide 
extensive  options  to  fit  your  exact  requirements, 
from  tape  or  disk  backup,  to  data  replication, 
mirroring,  hotsites,  mobile  solutions  and  more. 

Meet  your  objectives  with  confidence.  For  over 
28  years,  through  2,100  recovery  situations, 
we’ve  delivered  a  100%  success  rate.  With 
solutions  that  achieve  precise  recovery  time- 
frames,  locations  and  data  points. 

And  you  can  maintain  that  control  as  your 
business  evolves.  With  access  to  some  of  the 
most  extensive  data,  system  and  network 
resources  available  anywhere.  Reach  higher 
levels  of  Information  Availability,  at  a  fraction  of 
the  cost  of  building  the  infrastructure  yourself. 

The  right  solution  for  today.  Strong  preparation 
for  tomorrow.  Let  SunGard  show  you  how  to 
expect  the  unexpected. 


SUNGARD"  Kif/Peofk 
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Availability  Services  Connected.™ 

680  East  Swedesford  Road,  Wayne  PA  19087 
800-468-7483  |  www.availability.sungard.com 
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Microsoft  security 
riles  competitors 

Some  of  the  companies  that  have  built  a  business  on  the 
security  problems  in  Microsoft’s  operating  systems  now 
disingenuously  are  decrying  Microsoft’s  own  efforts  to- 
address  those  security  gaps. 

But  Microsoft  being  Microsoft,  the  company  has  yet  to 
learn  how  to  handle  such  loaded  issues  without  stirring  up  a 
cloud  of  accusations  about  anticompetitive  behavior. 

It  started  when  McAfee  last  week  took  out  a  full-page  ad 
in  the  Financial  Times  taking  Microsoft  to  task  for  the  way  it 
will  approach  security  in  the  forthcoming  Vista  operating 
system,  criticisms  that  were  reiterated  at  a  briefing  hosted  in 
New  York  by  the  company’s  CEO,  chief  scientist  and  chief 
security  architect. 

McAfee  has  two  central  gripes:  first,  that  Microsoft  is  locking 
up  the  kernel  in  the  64-bit  version  of  the  new  operating  sys¬ 
tem,  excluding  kernel  access  for  third-party  security  tools 
and  thus  limiting  what  those  tools  can  do;  and  second,  that 
Microsoft  is  making  it  impossible  to  disable  the  Windows 
Security  Center  console,  even  if  the  customer  has  installed 
different  security  products. 

In  an  open  letter  from  Chairman  and  CEO  George  Sam- 
enuk  titled  “Microsoft  increasing  security  risk  with  Vista,” 
McAfee  argues, “Microsoft  seems  to  envision  a  world  in 
which  one  giant  company  not  only  controls  the  systems  that 
drive  most  computers  around  the  world  but  also  the  security 
tli at  protects  those  computers  from  viruses  and  other  online 
threats.  Only  one  approach  protecting  us  all:  When  it  fails,  it 
fails  for  97%  of  the  world’s  desktops.”  (See  the  complete  letter 
at  www.nwdocfinder.com/5557.) 

The  real  issue  is  that  companies  like  McAfee  will  lose  busi¬ 
ness  as  Microsoft  addresses  security  problems,  because  buy¬ 
ers  always  try  to  simplify  their  environments  by  reducing  the 
number  of  vendors  and  tool  sets  they  have  to  deal  with. 

Instead  of  being  criticized,  Microsoft  should  be  lauded  for 
finally  addressing  security  issues  head-on. That  said,  the  com¬ 
pany  is  going  about  it  wrong,  taking  its  usual  heavy-handed, 
crush-all-competitors  approach.  Microsoft  is  simply  being 
greedy  by  locking  up  the  kernel  and  making  it  impossible  to 
disable  the  console. 

Experts  say  it  shouldn’t  be  hard  for  Microsoft  to  offer  secu¬ 
rity  vendors  some  form  of  authenticated  access  to  the  ker¬ 
nel,  and  the  console  thing  is  pure  hubris. 

The  fear  of  a  monoculture  that  McAfee  spells  out  is  over¬ 
stated,  but  customers  still  want  choice,  and  Microsoft  should 
be  a  good  corporate  citizen  and  reverse  its  stand. 

Microsoft,  by  all  means  safeguard  your  goods  in  every  way 
you  ■  an,  but  acknowledge  that  other  companies  have  been 
■olvh.i:  ,,  :ur  problems  for  years, and  some  of  your  own  cus¬ 
tomers  will  continue  to  prefer  their  solutions.  Play  nice. 

— John  Dix 
Editor  in  chief 
jdix@nww.com 


Neutrality  -  not! 

Regarding  Kevin  Tolly’s  column  “Cablevision:  A  neu¬ 
tral  net  that’s  not”  (www.nwdocfinder.com/5524): 
One  of  the  standard  arguments  opponents  of  net 
neutrality  legislation  use  is  that  such  legislation 
would  be  trying  to  solve  “a  problem  that  doesn’t 
exist.”  In  other  words,  net-neutrality  supporters  are 
trying  to  actively  prevent  walled  gardens,  and  the 
network  operators  are  saying  that  because  no  real 
walled  gardens  exist  yet,  there  is  no  point  in  legis¬ 
lating  against  them.  Well,  here  is  a  good  example  of 
a  wall  being  put  up  on  one  side  a  very  large  gar¬ 
den.  It  doesn’t  take  much  imagination  to  picture 
the  other  three  walls  being  added. 

Mike  Robinson 
CEO 

Citel  Technologies 
Seattle 

Kevin  Tolly  has  found  out  what  net  neutrality 
means.  The  provider  of  the  high-speed  data  line 
will  manipulate  content  to  maximize  its  return.The 
purveyor  of  the  high-speed  pipe  must  be  fully  sep¬ 
arated  from  its  content,  especially  when  the  Inter¬ 
net  provider  and  content  provider  are  the  same 
company. 

If  I  am  paying  a  provider  a  certain  amount  each 
month  for  a  1.5MB  data  line,  I  am  not  buying  con¬ 
tent,  I  am  buying  access  via  a  certain  data  rate  to 
the  Internet  and  should  be  able  to  do  as  I  please, 
without  any  restrictions.  All  restrictions  the  ISP  has 
enabled  must  be  fully  disclosed. 

Gene  Thomas 
Senior  consultant 
Telecom  Consult 
Atlanta 

Cablevision’s  new  thing  is  VoIP  throttling.  Cable- 


vision  has  a  competing  product,  Optimum  Voice,  to 
Vonage  and  AT&T, and  if  you  use  one  of  these  other 
services,  your  Internet  connectivity  becomes  un¬ 
stable.  If  you  sign  up  for  Optimum  Voice,  the  prob¬ 
lem  goes  away. 

Cablevision  is  fighting  tooth  and  nail  to  prevent 
Verizon’s  FiOS  from  gaining  a  foothold.  They  are 
throwing  a  ton  of  money  at  politicians  to  prevent 
the  competition  and  have  been  marginally  suc¬ 
cessful  to  date. 

Cablevision  heads  Charles  and  James  Dolan 
need  to  quit  with  their  cash  grab  and  monopoly 
status  here  on  Long  Island  —  we’re  sick  of  it.  Bring 
on  FiOS! 

Robert  Roth 
Setauket,  N.Y 

Automate  alternative 

Regarding  Mark  Gibbs’  Gearhead  column  “Auto- 
Mate,  er,  automates”  (www.nwdocfinder.com 
/5525):The  software  is  impressive  but  is  also  expen¬ 
sive  for  automation  on  a  single  PC.  I  required  an 
application  that  I  referred  to  as  a  “task  scheduler  on 
steroids”  because  many  of  my  batch  processes 
were  being  done  with  batch  files  and  VBScripts.  I 
needed  more  granular  control  with  additional  fea¬ 
tures  such  as  triggers  and  conditions.  I  looked  at 
Automate  and  WinBatch,  but  they  were  overkill  for 
the  automation  I  required;  then  I  found  VisualCron. 
This  application  had  everything  1  was  looking  for 
and  more  and  at  $87  per  server,  the  price  is  right. 

Shawn  Marshall 
IS  technical  engineer 
Watlow  Electric  Mfg.  Co. 

Columbia,  Mo. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 
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In  Microsoft  partnership,  Nortel  marries  up 


It’s  been  a  difficult  time  for  Nortel  and  its  cus¬ 
tomers  since  the  optical  bubble  burst  in  2000. 
For  six  years  there  have  been  financial  scan¬ 
dals,  poor  operating  performance,  restatement  of 
financials,  multiple  changes  of  executive  manage¬ 
ment,  Securities  and  Exchange  Commission 
investigations,  criminal  allegations,  layoffs  of  more 
than  70,000  employees,  lost  market  share,  lack  of 
focus,  selling  of  assets  and  more.  Now  Nortel  is 
looking  to  change  its  fortunes  through  a  strategic 
partnership  with  Microsoft,  called  the  Innovative 
Communications  Alliance  (ICA)  (see  www.nw 
docfinder.com/5526). 

In  Nortel’s  100-year  history,  it  has  never  part¬ 
nered  with  another  firm  on  the  same  scale  it 
plans  with  Microsoft.  Nortel  will  end  the  life  of 
most  of  its  enterprise  IP  telephony  products 
over  the  next  three  to  four  years  as  it  aligns  with 
Microsoft’s  unified  communications  strategy 
Microsoft  will  get  a  partner  that  knows  voice 
communications  and  has  an  installed  base  of 
both  enterprise  and  service  providers  in  which 
to  channel  unified  communications  to  the  mar¬ 
ket,  while  Nortel  will  get  sorely  needed  credi¬ 
bility,  an  infusion  of  cash  and  a  strategy. 

In  the  short  term,  the  ICA  is  a  big  marketing  and 
vision  win.  Microsoft  has  given  Nortel  customers 
something  to  cheer  about.  ICA  finally  gives  Nortel 


a  vision,  strategy  and  road  map  in  which  invest¬ 
ment  will  be  guided  with  a  hugely  credible  part¬ 
ner.  In  short,  Nortel  married  up. 

Microsoft  also  has  given  Nortel  customers  clar¬ 
ity.  The  prospect  of  Nortel  selling  its  enterprise 
business  is  shelved  for  the  foreseeable  future, 
putting  that  fear  to  bed  for  Nortel  customers. 
Nortel  customers  can  wrap  their  minds  and, 
potentially,  their  wallets  around  a  bold  unified 
communications  strategy  that  promises  to 

Microsoft  has  given  Nortel 
customers  something  to 
cheer  about. 

improve  business  process  efficiency  by  embed¬ 
ding  communications  deeply  into  business-  and 
office-productivity  applications.  Nortel  cus¬ 
tomers  are  taking  this  seriously,  as  the  compa¬ 
ny’s  ability  to  execute  has  been  catapulted 
because  of  Microsoft. 

The  long-term  prospects  of  ICA  are  less  clear. 
As  I  have  written  in  the  Lippis  Report  (see 
www.nwdocfinder.com/5527),  unified  commu¬ 
nications  doesn’t  get  interesting  until  next  sum¬ 
mer,  a  long  time  in  our  industry.  Part  of  ICA  is 
that  Nortel  will  provide  professional  services  to 


envision,  design  and  implement  IP  telephony 
solutions,  but  its  professional  services  organiza¬ 
tion  is  just  ramping  up  and  can’t  compete  with 
Avaya  and  Siemens. 

There  are  many  other  issues,  including  the 
fate  of  Nortel’s  desktop  collaboration  and  mes¬ 
saging  products, such  as  CallPilot  and  the  Multi- 
Media  Communications  Server,  as  well  as  its 
Communications  Server  family  and  Business 
Communications  Manager. 

Further,  how  will  Microsoft  and  Nortel  work 
together  in  the  field?  Who  will  open  the  door 
and  close  the  deal?  How  does  Nortel  sell 
today’s  solutions  and  products  while  simulta¬ 
neously  selling  a  future  vision  that  may  not 
include  its  current  products?  What’s  the  migra¬ 
tion  plan? 

Sorting  all  this  out  will  take  time.  Microsoft  and 
Nortel  may  want  to  take  a  short  honeymoon 
and  get  right  to  business.  For  more  information, 
listen  to  my  podcast  in  which  Zeus  Kerravala  of 
the  Yankee  Group  joins  me  to  discuss  the  ICA 
deal  (see  www.nwdocfinder.com/5528). 

Lippis  publishes  the  Lippis  Report  newsletter,  a 
resource  for  network  and  IT  business  decision 
makers.  Get  your  free  subscription  at  www.lip 
pis.com.  He  can  be  reached  at  nick@lippis.com. 


How  social  engineering  sinks  security 


The  last  time  you  went  to  a  computer  industry 
trade  show,  you  probably  picked  up  a  few 
trinkets  handed  out  by  vendors:  pens,  mugs, 
stress  balls.  What  if  a  vendor  offered  you  a  handy 
little  1GB  thumb  drive  if  you  agreed  to  watch  a  10- 
minute  demo?  Would  you  take  it  home  and  use  it? 
Heck,  yeah! 

What  happens  if  that  thumb  drive  isn’t  as  inno¬ 
cent  as  it  looks?  Maybe  it  comes  preinstalled  with 
a  Trojan  horse  that’s  going  to  infect  your  PC  and 
send  private  information  back  to  a  hacker.  Do  you 
think  this  is  far-fetched?  Well,  think  again. 

A  recent  article  on  the  Dark  Reading  Web  site 
(see  www.nwdocfinder.com/5529)  discusses  a 
situation  in  which  a  credit  union  asked  an  ethi¬ 
cal  hacking  company  to  test  its  computer  secu¬ 
rity  practices.The  consultant  dropped  a  few  USB 
thumb  drives  in  conspicuous  places  around  the 
building  where  employees  would  find  them  and 
access  them  to  see  what  was  on  them.  Unknown 
to  the  employees,  the  security  consultant  had 
preinstalled  Trojan  software  that  would  load 
onto  the  unsuspecting  employees’  PCs  and  send 
configuration  data  back  to  the  consultant  via 
e-mail.  Of  the  20  thumb  drivers  planted,  15  were 
used  as  intended,  signaling  a  weak  link  in  secu¬ 
rity  practices. 

The  weak  link,  of  course,  is  people.  We ’re  so  darn 
trusting,  naive  and  greedy  The  bad  guys  know  this 
and  take  advantage  of  it  every  way  possible.  It’s 
called  social  engineering,  and  it’s  all  about  trust. 

Social  engineering  is  the  principle  behind 
phishing,  pretexting,  gimme  schemes  in  which 
you  seemingly  get  something  for  nothing  and 
other  methods  that  criminals  use  to  gain  your 


confidence  before  doing  their  dirty  work.  As  tech¬ 
nologies  designed  to  prevent  or  at  least  detect 
miscreant  activity  improve,  criminals  tend  to  prey 
on  the  frailties  of  the  human  element. 

The  Art  of  Deception  by  criminal-turned-ethical- 
hacker  Kevin  Mitnick  discusses  how  social  engi¬ 
neering  can  be  combined  with  computer  hack¬ 
ing  to  wreak  havoc  on  corporate,  public  and  pri¬ 
vate  networks.  The  lesson  is  that  no  matter  how 
strong  you  build  technology  solutions  to  security 
issues,  people  can  and  do  give  up  the  keys  to  the 
kingdom  without  thinking  about  it. 

Over  the  past  year,  I’ve  looked  at  all  kinds  of 
security  technologies  —  including  those  that 

The  best  thing  you  can  do 
is  create  awareness  and 
provide  training  for  your 
employees. 

block  viruses,  sniff  packets,  encrypt  files,  manage 
endpoints  such  as  USB  ports,  monitor  instant  mes¬ 
sage  discussions,  test  the  content  of  data,  detect 
malware  on  PCs,  install  patches,  authenticate 
users,  encrypt  messaging  sessions,  analyze  log 
files  for  forensic  purposes,  prevent  zero-day 
exploits  and  create  virtual  spaces  for  browser  ses¬ 
sions.  All  these  products  do  exactly  what  you  tell 
them  to  do,  and  they  rarely  fail.  But  tell  someone 
to  protect  his  password,  and  he’ll  move  the  sticky 
note  with  the  password  from  the  monitor  to  his 
top  desk  drawer.  The  human  element  is  far  more 
fallible  than  technology 

We  can’t  assume  people  will  be  smart  about 


the  way  they  use  computers.  A  recent  study  con¬ 
ducted  by  the  University  of  California  at 
Berkeley  and  Harvard  University  found  that  a 
well-designed  phishing  Web  site  draws  in  people 
90%  of  the  time,  despite  all  the  publicity  about 
phishing  in  the  mainstream  media  (see 
www.nwdocfinder.com/5530). 

What  can  be  done  about  social  engineering 
and  the  human  weak  link  of  computer  security? 
The  best  thing  you  can  do  is  create  awareness 
and  provide  training  for  your  employees.  Honest 
people  want  to  be  a  part  of  the  solution,  not  part 
of  the  problem. They  need  to  be  taught  about  the 
threats  and  vulnerabilities  —  especially  the  ones 
relying  on  social  engineering. 

Mitnick,  for  example,  cites  his  own  case  of  steal¬ 
ing  source  code  from  Motorola  years  ago  by 
sounding  confident  and  authoritative  on  the 
phone.  He  posed  as  a  Motorola  employee,  and  a 
real  employee  went  out  of  her  way  to  send  him 
proprietary  code  that  he  claimed  he  needed  for  a 
project.  The  only  problem  was  that  it  wasn't  a 
Motorola  project.  A  trusting,  helpful  person  didn’t 
think  to  challenge  his  cover  story  before  giving 
him  trade  secrets. 

So  the  next  time  you  call  or  e-mail  me,  forgive 
me  if  I’m  automatically  suspicious  of  you.  I’m  try¬ 
ing  to  heighten  my  awareness  of  security  lapses 
due  to  social  engineering, and  you  and  your  com¬ 
pany  should,  too. 

Musthaler  is  a  principal  analyst  with  Essential 
Solutions,  an  information  solutions  consulting  firm. 
She  can  be  reached  at  lmusthaler@essent 
ial-iws.com. 
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The  Wi-Fi  divide 

WLANs  find  a  home  in  tiled  work  areas,  but  deployment  lags  in  carpeted  office  environments 


BY  SUSAN  BREIDENBACH 


j  he  wireless  wave  has  swept  through  colleges,  hospitals,  fac¬ 
tory  floors,  retailers,  downtowns,  hot  spots  and  the  home,  but 
it’s  still  just  lapping  at  the  edges  of  traditional  enterprise 
m  office  environments.  As  the  original  802.11  stan¬ 
dard  approaches  its  10th  birthday,  concerns  about  '/  >- 

wireless  security  and  management  overhead 
keep  the  technology’s  popularity  in 
highly  mobile  “tile  niches”  from 
spilling  over  into  enter-  k 

prise  “carpeted  areas”  ^  II 

and  industries.  i 


Carpeted-area  wireless  LAN  \  '  B 

(WLAN)  deployments  continue  V  ;•  B 

to  face  some  significant  road-  \  ™ 

blocks.  Most  of  the  employees  who  \ 
occupy  these  areas  work  at  desks,  V 
and  few  have  laptops. The  low  pene-  V 
tration  of  laptops  replacing  traditional  » 
office  desktops  is  an  inherent  limitation  V  i| 
and  many  companies  continue  to  see  \ 
them  —  and  Wi-Fi  —  more  as  a  conve-  V  ... 

nience  than  a  business  necessity  The  risks  \  ' 
continue  to  outweigh  the  benefits  by  a  signifi-  \ 
cant  margin.  ’ 

To  check  the  Wi-Fi  pulse  of  the  industry  Network 
World  recently  touched  base  with  nine  companies 
in  various  stages  of  WLAN  adoption,  ranging  from  \ 
no-wireless  policies  to  aggressive  rollouts.  V 

One  Wi-Fi  skeptic  is  Blue  Cross  of  Idaho,  a  represen¬ 
tative  of  the  carpet-heavy  insurance  industry  Most  \ 

employees  work  at  desks  with  wired  access,  and  very  v 

few  have  laptop  computers.  Except  for  one  mobile  train-  V 
ing  area,  a  strict  no-wireless  policy  is  enforced  by  Network 
Chemistry’s  RFprotect  monitoring  technology 
“We  wouldn’t  shy  away  from  wireless  if  we  identified  a 
real  business  need  for  it,  but  we  just  haven’t  seen  one  on  the 
campus,”  says  Jan  Marshall,  manager  of  technical  and  network 
services  for  the  Blue  Cross/Blue  Shield  franchise.“The  amount 
of  manpower  required  to  keep  a  wired  network  secure  and 
working  is  much  less,”  he  adds. 


Security  still  a  concern 

Nevertheless,  security  continues  to  hold  back  deployments.  In  a 
recent  Gartner  survey  98%  of  enterprise  IT  professionals  said  WLAN 
security  was  a  major  concern,  and  60%  said  it  was  not  adequate. 
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Financial  institutions  in  particular  are 
reluctant  to  deploy  wireless.  Some 
avoid  WLANs  completely,  and  others 
deploy  the  technology  only  to  accom¬ 
modate  guests. 

Prudential  Financial  is  “cautiously  opti¬ 
mistic”  about  WLAN  security  says  Jim 
White,  vice  president  of  information  sys- 
tems.The  company  is  testing  the  wireless 
waters  with  a  200-user  pilot  begun  earlier 
this  year.  Before  that,  concerns  about  se¬ 
curity  and  shared-media  performance 
had  kept  wireless  out  of  the  company 

“This  year,  speed,  reliability  and  —  at 
least,  theoretically  —  security  have  im¬ 
proved, ’’White  says,  referring  to  ratification 
of  the  802.1  li  wireless  standard  and  the 
integration  of  authentication  and  Active 
Directory  in  Windows  XP  Service  Pack  2. 
“We’re  using  [Wi-Fi  Protected  Access]  and 
WPA2  encryption,  plus  the  direct  tie  into 
Active  Directory  gives  us  additional  con¬ 
trols  over  the  environment.” 

Similarly, Turner  Construction  Co.  had 
WLAN  security  concerns  that  kept  a 
no-wireless  policy  in  place  until  the 
middle  of  last  year.  Company  laptops 
were  shipped  from  the  factory  with  the 
embedded  wireless  technology  dis¬ 
abled  at  the  BIOS  level.  Users  could 
enable  it  for  hot-spot  access  to  the 
Internet  outside  the  company,  but  wire¬ 
less  access  to  the  private  enterprise 
network  was  not  allowed. 

“But  then  a  lot  of  technologies  fell 
in  place  at  about  the  same  time,” 
recalls  Mason  Brown, senior  network 
security  engineer  for  Turner. “The  WPA 
encryption  and  802. IX  authentication 
looked  like  strong  security,  plus 
Windows  XP  Service  Pack  2  intro¬ 
duced  seamless  authentication  with 
Active  Directory”  He  also  cites  the 
advent  of  lightweight  access  points. 

“In  short,  the  server  side  and  the  wire¬ 
less  hardware  side  came  together,  and  we 
could  provide  a  seamless  and  secure 
wireless  experience  for  users,”  he  says. 
Turner  put  together  policies  and  let  its 
46  branch  offices  know  that  wireless  was 
available, and  1 1  offices  have  imple¬ 
mented  WLANs  throughout  their  facilities. 

Ironically,  the  paradigm  shift  toward 
thin  access  points  with  centralized 
management  that  began  about  a  year 
and  a  half  ago  initially  slowed  WLAN 
deployment.  While  replacing  intelli¬ 
gent,  distributed  access  points  with 
this  more  centralized  architecture 
enables  better  security,  management 
and  scalability,  customers  were  baffled 
initially  as  vendors  did  an  about-face 
and  started  singing  a  different  tune. 

“It  took  users  a  while  to  understand 
the  benefits  of  the  centralized  architec¬ 
ture,”  say  Aaron  Vance,  senior  analyst 
with  Synergy  Research.“Now  they  see 
ficw  it  is  more  conducive  to  large-scale 
rollouts  that  will  have  tangible  business 
benefits  to  them.You  can  now  scale  up 


to  tens  of  thousands  of  access  points, 
which  would  have  been  operationally 
impossible  in  the  distributed  scenario.” 

One  WLAN  early  adopter,  the 
University  of  Utah  Health  Sciences 
Center  (UUHSC),has  seen  the  benefits 
of  the  thin-access-point  architecture. The 
medical  center  cut  its  wireless  teeth  on 
the  old  802. 1 1  frequency-hopping 
technology  and  evolved  its  infrastruc¬ 
ture  with  the  standard,  gradually  seeing 
specialized  medical  devices  and  mobile 
carts  starting  to  communicate  over  the 
WLAN.  And  UUHSC  is  eyeing  the  emerg¬ 
ing  802.1  In  standard, which  would  let 
bandwidth-intensive  devices,  such  as 
portable  X-ray  machines,  transmit 
images  over  the  WLAN. 

“Last  year  we  were  bringing  a  new 
medical  education  building  online,  and 
we  took  a  fresh  look  at  how  we  were 
doing  wireless,” says  Bo  Mendenhall, 
manager  of  information  security  at 
UUHSC.The  medical  center  decided 
on  a  thin-access-point  switched  solu¬ 
tion  from  Aruba  Networks  and  has 
replaced  90%  of  its  fat  access  points. 
Aruba’s  built-in  monitoring  capabilities 
are  used  to  help  secure  the  WLAN, 
augmented  by  AirDefense  technology 
in  critical  areas. 

While  the  medical  center’s  clinical 
areas  are  completely  covered  with 
WLAN  access,  deployment  in  the 
administrative  offices  is  still  quite  low. 
The  original  driver  for  the  WLAN  was 
the  mobility  requirements  of  healthcare 
professionals,  but  such  an  imperative  is 
lacking  on  the  administrative  side. 

BNSF  Railway  is  another  WLAN  early 
adopter  that  has  a  carpeted/noncar- 
peted  divide  —  though  in  BNSFs  case, 
it  is  more  an  indoor/outdoor  divide. The 
vast  majority  of  the  Fort  Worth, Texas- 
based  railroad’s  1200  access  points  are 
outside,  where  they  provide  access  to 
maintenance  and  intermodal  yards. 

The  intermodal  yards  handle  contain¬ 
ers  that  are  transported  by  ocean  ves¬ 
sel,  rail  or  truck.The  trucks  moving 
these  containers  around  were  origin¬ 
ally  equipped  with  a  proprietary 
900MHz  wireless  system,  but  they  were 
replaced  about  five  years  ago  with 
802.1  lb,  which  was  subsequently  sup¬ 
planted  by  802.1  lg.  Like  UUHSC,  BNSF 
picked  Aruba  WLAN  technology 
because  of  its  security  features. 

“At  first,  we  didn’t  think  security  issues 
could  do  that  much  damage,” says 
Frederick  Gratke,  director  of  technology 
for  BNSF  “But  we  gradually  realized 
there  were  people  who  could  be  mali¬ 
cious  for  no  particular  reason.  We  now 
pay  a  lot  of  attention  to  security  and 
developing  standards,  and  are  pushing 
certificates  to  users  for  authentication.” 

However,  it  is  the  lack  of  a  business 
case,  rather  than  security  fears,  that- 
keeps  WLAN  deployment  somewhat 


limited  in  the  railroad’s  office  areas. 
Cafeterias,  break  rooms  and  other  com¬ 
mon  meeting  areas  are  covered,  but  a 
lot  of  the  cubicles  and  offices  are  not. 

R0I  considerations 

This  same  carpeted/noncarpeted  divide 
is  manifested  to  some  extent  in  enter¬ 
prises  as  diverse  as  entertainment-focused 
West  Edmonton  Mall  (WEM)  and  defense 
contractors  Lockheed  Martin  and  Textron. 
Billed  as  the  world’s  largest  entertain¬ 
ment  and  shopping  center,  the  West 
Edmonton  Mall  covers  the  equivalent  of 


48  city  blocks  in  Edmonton,  Alberta,  and 
includes  800  shops,  100  restaurants,  a 
hotel  and  nine  major  entertainment 
attractions.  Guests  are  provided  with  an 
uncommon  21st-century  experience,  and 
wireless  connectivity  is  a  part  of  it. 

Having  a  huge  facility  to  cover,  WEM 
eschewed  WLAN  technology  until  thin 
access  points  with  centralized  man¬ 
agement  started  to  emerge  about 
three  years  ago. The  company  settled 
on  a  WLAN  infrastructure  from 
Chantry  (now  part  of  Siemens’  HiPath 
See  Wireless,  page  50 


The  state  of  wireless  deployment 

A  sampling  of  companies  shows  implementations  to  date  are  concen¬ 
trated  in  the  tiled  areas  of  organizations. 

BNSF  Railway 

802.11g  is  used  out  in  the  rail  yards  and  in  common 
meeting  areas  inside,  but  otherwise  cubicles  and  offices 
aren’t  equipped. 

Frederick  Gratke, director  of  technology 


Lockheed  Martin 

Until  now  rollouts  have  favored  the  manufacturing  areas, 
although  the  company  plans  to  extend  wireless  coverage 
to  the  carpeted  areas  of  the  enterprise. 

Ben  Halpert,  senior  systems  analyst 


f 


Textron 

Currently  about  20%  of  the  conglomerate’s  offices  are 
covered  with  WLANs,  with  future  deployment  likely  to  be 
focused  on  the  manufacturing  floors. 

Jasyn  Voshell,  senior  IT  auditor 


University  of  Utah  Heilth  Sciences  Center 

The  medical  center’s  clinical  areas  are  covered  with  thin 
access  points,  but  implementation  on  the  administrative  side 
is  quite  low  because  those  workers  don’t  require  mobility. 

Bo  Mendenhall,  manager  of  information  security 

West  Edmonton  Mall 

Shoppers  and  hotel  guests  are  surrounded  by  wireless 
technology.  The  technology  also  has  found  a  place  in 
some  remote  offices  and  mall  executives’  homes. 

Joe  Schuldhaus,  vice  president  of  IT 
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continued  from  page  48 

portfolio)  and  began  a  phased  rollout. 
“We  started  with  hospitality  first,  be¬ 
cause  that  was  the  lowest-hanging 
fruit,” says  Joe  Schuldhaus,the  mall’s 
vice  president  of  lT.“Management 
wanted  to  see  some  payback.  We  lit  up 
the  hotel,  the  conference  center  and 
all  of  the  hotel  assets,  including  the 
food  courts  in  the  mall.” 

Guests  can  purchase  wireless  Internet 
access,  and  the  mall’s  shops  can  piggy¬ 
back  on  the  wireless  infrastructure. The 
network  also  is  being  leveraged  to 
automate  some  of  the  mail’s  opera¬ 
tional  facilities,  collecting  feeds  from 
the  security  cameras  and  enabling  the 
maintenance  staff  to  interact  with  the 
HVAC  systems  remotely 
WEM,  which  is  using  AirTight’s  Spectra- 
Guard  technology  to  monitor  for  rogue 
activity,  is  “not  keeping  wireless  out  of 
anywhere  deliberately  Schuldhaus 
says.  While  the  focus  is  elsewhere, 
access  points  are  being  deployed  in 
back-office  environments,  including 
some  remote  offices  and  executives’ 
homes. “We  can  manage  them  remote¬ 
ly  and  keep  full  ownership  of  the  secu¬ 
rity  he  says.“Employees  just  power  up 
their  laptops  and  see  everything  as  if 
they  were  here  in  the  main  facility” 

As  defense  contractors,  Lockheed 


No  big  need  for  wireless 

WLANs  aren't  too  useful  to  office 
workers  who  lack  laptops  or  other 
mobile  devices,  and  most  corporate 
computing  is  still  done  through 
desktop  PCs. The  current  installed 
base  of  laptops  is  22%,  and  that 
includes  noncarpeted  areas. 
However,  companies  are  gradually 
purchasing  devices  that  call  for 
cordless  connections. 

Wn t  percentage  of  your  PC  purchases  will  be 
taofei's  platforms  over  the  next  12  months? 

Public  sector:  16% 

&  wholesale  trade:  20% 

Finance  &  insurance:  21% 

Media,  entertainment  &  leisure:  24% 

Average  across  industries:  25% 

Jtilities  &  telecom:  27% 

Business  services:  31% 

Manufacturing:  32% 

ounce:  fOPRESTER  RESEARCH 


Martin  and  Textron  must  run  somewhat 
tighter  network  ships.The  federal  8100.2 
NIST  standard  regulates  wireless  deploy¬ 
ments,  and  areas  doing  classified  work 
can  have  no  wireless  communications. 

“We’re  right  on  the  cusp,  with  wireless 
about  to  take  off  across  the  enterprise,” 
says  Jasyn  Voshell,  senior  IT  auditor  for 
Textron.  WLANs  cover  about  20%  of 
Textron,  with  deployments  split  fairly 
equally  between  carpeted  and  noncar¬ 
peted  areas.  But  going  forward,  the 
emphasis  will  be  more  one-sided. 

“We  will  probably  focus  on  the  manu¬ 
facturing  areas  first,  because  that’s 
where  most  of  the  measurable  ROI  is. 
People  in  manufacturing  have  to  be 
mobile,  and  having  cables  all  over  the 
floors  is  dangerous.  In  the  carpeted 
office  spaces,  wireless  is  more  just  a  con¬ 
venience  for  the  conference  rooms.” 

Textron’s  access  points  are  deployed  in 
a  DMZ,  where  they  connect  to  a  VPN 
switch,  and  laptops  are  equipped  with 
software  that  protects  them  against  a 
variety  of  wireless  threats  and  keeps 
track  of  where  they  go  when  they  are  off 
the  campus.  A  wireless  intrusion- 
detection  system  (IDS)  keeps  an  eye  on 
what  happens  on  campus. 

“When  we  put  the  IDS  system  in,  it  was 
amazing  to  see  how  many  rogue 
[access  points]  we  had  out  there,” 
Voshell  says.“We  didn’t  expect  that.” 

Textron  is  a  multi-industry  manufactur¬ 
ing  conglomerate  that  derives  about  a 
quarter  of  its  revenue  from  defense 
work.The  much  more  heavily  defense- 
focused  Lockheed  Martin  is  a  bit  more 
circumspect  about  its  WLAN  deploy¬ 
ments  and  plans.  Rollouts  have  favored 
the  noncarpeted  areas,  says  senior  sys¬ 
tems  analyst  Ben  Halpert,  but  the  com¬ 
pany  is  in  the  process  of  defining  a  com¬ 
prehensive  mobility  strategy 

“Lockheed  Martin  has  seen  increas¬ 
ing  interest  in  extending  wireless  cov¬ 
erage  into  the  carpeted  areas  and  is 
working  on  a  means  to  close  the  gap,” 
Halpert  says. 

Don’t  knock  convenience 

This  gap  can  be  virtually  nonexistent 
in  some  companies.  While  many  dismiss 
convenience  as  mere  luxury  others 
regard  it  as  a  sufficient  reason  to 
embrace  Wi-Fi  technology  wholeheart¬ 
edly  —  even  throughout  the  back 
offices.The  fast-food  industry  for  exam¬ 
ple,  is  bascially  in  the  convenience  busi¬ 
ness,  and  wireless  fits  easily  into  the  cor¬ 
porate  culture. 

“We  started  looking  at  WLANs  five  or  six 
years  ago,  and  it  caught  on  very  quickly]’ 
says  Gary  Tomanich,  a  senior  network 
analyst  for  a  major  fast-food  chain.“The 
wireless  culture  just  exploded,  and  it  got 
to  the  point  where  no  one  wanted  a 
desktop  computer  anymore.” 

In  the  midst  of  this  unfettered  enthusi¬ 


asm,  rogue  access  points  started  to  prolif¬ 
erate  as  employees  brought  in  their  own 
devices.“For  us,  functionality  trumped 
security  and  that  kind  of  came  back  to 
bite  us, ’’Tomanich  says.“We  brought  in  a 
third  party  to  do  a  wireless  audit,  and  the 
results  were  quite  shocking.” 

A  detailed  remediation  plan  sent  the 
fast-food  chain  looking  at  WLAN  secu¬ 
rity  products,  and  it  now  uses  AirTight’s 
SpectraGuard  technology  to  ensure 
proper  coverage  and  keep  an  eye  on 
the  airwaves. The  SpectraGuard  site 
planner  tool  letTomanich’s  headquar¬ 
ters-based  team  deploy  Wi-Fi  networks 
securely  in  33  regional  sites,  without 
having  to  visit  them. 

“There’s  no  reason  to  be  afraid  of  wire¬ 
less,”  he  says.“It’s  just  that  a  lot  of  compa¬ 
nies  rolled  it  out  without  a  lot  of  thought 
about  standards  and  policies.” 

Implementation  inhibitors 

Any  type  of  wireless  rollout  —  from 
cavalier  to  painstakingly  planned  —  is 
not  an  option  in  many  carpeted  areas. 
According  to  Forrester,  laptops  make  up 
22%  of  the  installed  base  of  enterprise 
computers,  and  they  still  represent  a 
minority  of  new  purchases.The  manu¬ 
facturing  sector,  a  WLAN  early  adopter, 
shows  the  highest  preference  for  lap¬ 
tops,  but  they  still  account  for  just  32% 
of  its  new  acquisitions.The  average  for 
all  sectors  is  25%,  a  number  that  doesn’t 
present  much  of  a  case  for  ubiquitous 
WLAN  deployment. 

Mobility  has  long  been  touted  as  a  big 
productivity  booster,  and  44%  of  respon¬ 
dents  to  the  Gartner  survey  say  increas¬ 
ing  productivity  was  the  primary  reason 
to  implement  WLANs.  However,  such 
productivity  is  difficult  to  quantify  and 
isn’t  proving  to  be  a  compelling  reason 
to  extend  WLANs  throughout  carpeted 
areas.  When  push  comes  to  shove,  they 
are  still  seen  as  a  convenience. 

Another  obstacle  may  be  the  shifting 
sands  of  802.1 1  transmission  standards. 
Frequency-hopping  gave  way  to 

802.1  lb,  followed  by  802.1  la  and 

802.1  lg,  and  now  the  industry  awaits 

802.1  In. “A  number  of  our  no-wireless 
customers  are  waiting  for  802.1  In, 
which  means  they  won’t  be  deploying 
WLANs  until  late  next  year  or  even 
early  2008,”  says  Dennis  Tsu,  vice  presi¬ 
dent  of  marketing  for  AirTight.The  Wi¬ 
Fi  Alliance  recently  announced  plans 
to  begin  interoperability  testing  soon 
of  the  pre-802.11n  products  flooding 
the  market. These  devices  are  gaining 
traction  mainly  with  consumers. 

Security  issues  also  affect  the  carpeted 
areas  more  severely  partly  because  the 
reward  variable  in  the  risk/reward  equa¬ 
tion  isn’t  as  big,  and  partly  because  car- 
peted-area  users  are  basically  in  control 
of  WLAN  security  While  the  handheld 
devices  used  in  noncarpeted  areas  are 


preconfigured,  carpeted-area  users  are 
equipped  with  laptops  that  can  be  con¬ 
figured  as  rogue  access  points. 

In  fact,  unless  they  are  using  wireless 
monitoring  technology  for  detection 
and  enforcement,  enterprises  that 
think  they  have  no  wireless  actually 
do.  Employees  pick  up  inexpensive 
access  points  at  the  local  computer 
store,  or  configure  their  laptops  to 
function  as  peer  access  points. 

And  companies  can’t  watch  for  such 
rogue  wireless  activities  unless  they 
install  wireless  technology;  some  solu¬ 
tions  require  an  actual  WLAN.  As  this 
exposure  to  wireless  gradually  makes 
enterprises  more  comfortable  with  wire¬ 
less  networking,  they  gain  confidence  in 
their  ability  to  manage  and  control  a 
wireless  environment,  and  start  using 
the  technology  to  implement  WLANs 
rather  than  keep  them  out. 

“It  allows  us  to  enforce  whatever 
policy  we  choose,  whether  it  is  no 
wireless  or  part  wireless  or  wireless 
almost  everywhere,”  Blue  Cross  of 
Idaho’s  Marshall  says  about  Network 
Chemistry’s  RFprotect. 

Once  companies  do  take  the  wireless 
plunge,  their  priorities  and  concerns 
quickly  shift.  According  to  the  Gartner 
study,  management  becomes  the  big¬ 
ger  issue.“If  you  haven’t  deployed, you 
are  worried  about  security]’ says 
Gartner  research  director  Rachna 
Ahlawat.  If  you  have  deployed, you 
know  that  security  isn’t  the  problem  — 
it’s  the  management.” 

The  IT  professionals  we  interviewed 
agree.  With  no  standards  for  WLAN  man¬ 
agement,  they  advise  keeping  things  sim¬ 
ple  by  sticking  to  access  points  from  a 
single  vendor.  Otherwise,  the  risks  are 
likely  to  outweigh  the  rewards  in  car- 
peted-area  deployments. 

Don’t  be  surprised  if  getting  into  wire¬ 
less  increases  the  security  of  your 
wired  network.“You  can  have  a  very 
insecure  wired  network  as  well,”West 
Edmonton  Mali’s  Schuldhaus  says. 
“Wireless  forces  companies  to  be  more 
vigilant  about  the  overall  security  of 
their  network  infrastructures  and  more 
aware  of  the  issues.” 

Breidenbach  is  a  freelance  writer  in 
Nevada.  She  can  be  reached  at  sbreiden 
bach@usa.net. 
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Online  exclusive 

Analysts  predict  that  voice  over  wireless  and  dual¬ 
mode  phones  will  help  drive  WLAN  deployment  deeper 
into  the  enterprise. 

www.nwdocfinder.com/5521 


Open  source  Quagga  router 
sets  an  acceptable  pace 


Pros:  Inexpensive;  has  good  performance;  is 
easy  to  use  if  you  are  familiar  with  Cisco's 
user  interface. 

Cons:  Open  source  community  is  only  source  of 
support;  requires  a  hefty  machine  to  handle 
an  enterprise  level  of  ports;  weak  on 
features  when  compared  with  Cisco  IOS. 

Access  the  Router  Buyer’s  Guide 


BY  JOHN  BASS,  NETWORK  WORLD  LAB  ALLIANCE  Shop  around  for  commercial  competitors  to  the 

^  ,  .  .  .  ^  .  .  .  Quagga  open  source  router  project. 

Open  source  routing  software  projects  have  been  receiving  attention  lately  www.nwdocfinder.com/5542 


as  viable,  inexpensive  platforms  for  midlevel  routing  deployments.  But  are 


they  practical  for  enterprise  network  managers  used  to  the  performance  lev¬ 
els  and  feature  bells  and  whistles  served  up  by  commercial  router  vendors? 


That  is  the  question  we  explore  in  this  initial  test  of  open 
source  router  software.  Most  open  source  router  software 
spawns  from  one  of  two  projects  —  Zebra  and  extensible 
Open  Router  Platform  (XORP).  Because  the  Zebra  project 
has  been  dormant  since  mid-2004,  we  tested  its  descen¬ 
dant,  Quagga,  which  is  updated  about  every  quarter.  (We 
plan  to  test  a  XORP-based  product  later  this  year.) 

Overall,  we  found  running  Quagga  on  modest  Dell 
servers  yields  performance  numbers  that  would  make  the 
combination  a  formidable  platform  for  a  purpose-built 
routing  application.  If  you’re  looking  to  run  Quagga  as  a 
router  in  your  production  network,  however,  you  may 
require  a  higher  port  density  This  requires  a  server  with 
more  horsepower,  which  is  more  expensive.This  additional 
cost  may  offset  somewhat  Quagga’s  low-cost  appeal. 

Quagga  runs  on  GNU/Linux  2.4.x  and  higher,  FreeBSD  4.x 
and  higher,  NetBSD  1.6  and  higher, OpenBSD  2.5  and  higher, 
and  Solaris  8  and  higher.  It  supports  Routing  Information 
Protocol  and  RIPv2,RIPng,Open  Shortest  Path  First  (OSPF), 
OSPFv2,OSPFv3,  IPv6,  Internet  Group  Management  Protocol 
and  IGMPv2,and  Border  Gateway  Protocol  4. 

Quagga’s  basic  architecture  consists  of  a  Zebra  daemon 
that  handles  updates  to  the  Unix-based  routing  tables,  and 
additional  daemons  for  OSPF  RIP  and  BGP  Quagga  has  a 
unified  configuration  file  for  all  daemons,  which  is  easier  to 
maintain  than  the  original  Zebra  implementation  that  has 
separate  configuration  files  for  each  daemon.The  syntax  of 
the  Quagga  configuration  files  is  very  much  Cisco-esque. 
Quagga  lets  the  user  change  IP  addresses  from  the  config¬ 
uration  file  and  command  line;  there  is  no  need  to  config¬ 
ure  IP  addresses  outside  the  router.  The  command-line 
interface  is  easy  to  use  and  intuitive  (assuming  some  Cisco 
experience). 

Measuring  performance 

To  characterize  IP  packet-forwarding  capabilities  of  the 
Quagga  software  running  on  two  Dell  machines,  we  ran 
throughput,  packet  loss  and  latency  tests  using  a  Spirent 
Smartbits  6000  results  with  3301A  10/ 100/ 1000Mbps 
Ethernet  interfaces  interfaces  (see  How  we  did  it  at 
www.nwdocfinder.com/5523).  We  compared  a  Cisco  2621 
router  (running  IOS  vl2.1)  with  Quagga  running  on  a  rack¬ 
mounted  Dell  1550  server  (with  single  933MHz  Pentium  III 
CPU,  256MB  of  RAM  and  two  10/100  Ethernet  network  inter¬ 
face  cards  [NIC]). We  also  compared  a  Nortel  5520  switch 


with  packet-forwarding  capability  with  Quagga  running  on 
a  Dell  2850  server  (with  dual  3.6GHz  Xeon  CPUs  with  1GB 
of  RAM  and  two  10/100/1000  Ethernet  NICs). 

Quagga  running  on  the  Dell  1550  performed  at  line  rate 
(100Mbps)  with  packets  larger  than  256  bytes.  For  64-byte 
packets,  the  Quagga  box  was  able  to  forward  31Mbps  of 
traffic.  The  Cisco  2621  didn’t  do  very  well  in  the  forward¬ 
ing  tests,  but  we  expected  that,  because  it’s  an  older  entry- 
level  router  with  a  small  processor  (an  MPC860  processor 
clocked  at  66MHz),one  that  an  open  source  router  might 
be  targeted  to  replace.The  Cisco  262 1  was  able  to  forward 
30Mbps  worth  of  1,518-byte  packets  and  fell  to  4.3Mbps 
with  64-byte  packets. 

The  Cisco  router  did  a  better  job  of  getting  its  packets 
through  the  router  with  less  delay  than  the  Quagga  router. 
We  saw  a  630-microsec  latency  measurement  for  the  Cisco 
2621,  compared  with  a  1,615-microsec  latency  for  Quagga 
running  on  a  Dell  1550.  Keep  in  mind  that  increased  laten¬ 
cy  results  in  decreased  TCP  throughput  overall. 

The  Nortel  box  forwarded  packets  flawlessly  at  line 
rate  for  all  packet  sizes.  Quagga  running  on  the  Dell  2850 
combination  hit  close  to  line  rate  —  915Mbps  —  with 
1,518-byte  packets  but  could  only  forward  100Mbps  with 
64-byte  packets.The  packet-loss  tests  reflected  the  results 
of  the  throughput  tests  for  the  Nortel  and  Quagga  sys¬ 
tems.  The  Nortel  router’s  latency  was  very  low  — 
4  microsec. Quagga  on  the  Dell  2850  had  a  224  microsec 
average  latency. 

Routing  capabilities 

To  see  how  our  Quagga/Dell  installation  fared  in  main¬ 
taining  its  routing  table,  we  ran  an  OSPF-based  route¬ 
flapping  test  in  order  to  stress  the  router. The  router  had  to 
change  the  routing  table  after  receiving  a  huge  number  of 
changes  at  once  from  the  routing  protocol.We  ran  this  test 
against  both  Quagga  combinations  and  the  Cisco  2621. 
The  Nortel  5520  doesn’t  support  OSPF  in  the  configura¬ 
tion  we  had  in  the  lab. 

The  Quagga  platform  accepts  about  500  routes  via  OSPF 
The  Cisco  2621  was  able  to  accept  more  than  2,000 
routes.  But  as  the  lowest  common  denominator,  we  used 
a  maximum  of  500  routes  for  all  our  route  flap  tests.  All  the 
routers  were  able  to  recover  from  the  flapped  routes, 
which  is  worth  noting.  We’ve  seen  some  routing  imple¬ 
mentations  crash  or  begin  dropping  a  significant  number 


of  packets  after  a  route  flap  event.  That  being  said,  the 
Cisco  2621  handled  the  route  changes  quicker.  The 
Quagga  installation  took  five  to  10  seconds  compared 
with  Cisco’s  three  seconds. 

If  you  are  interested  in  using  Quagga  as  a  platform  to 
develop  new  routing  features  —  such  as  a  firewall  or  intru¬ 
sion  detection  —  go  for  it.  Quagga  performed  respectfully 
in  all  areas  of  our  tests  and  should  be  a  stable  development 
platform  in  terms  of  function  and  performance.  We  didn’t 
evaluate  the  extensibility  of  the  Quagga  code,  however,  so 
you’ll  have  to  determine  whether  Quagga  is  right  for  your 
development  environment. 

If  you  are  interested  in  running  Quagga  in  your  pro¬ 
duction  network,  you'll  need  to  consider  its  perform¬ 
ance  limitations.  Quagga  probably  will  perform  better 
with  faster  hardware  than  we  used  in  our  tests,  but  that 
also  raises  the  price  bar,  possibly  negating  a  very  impor¬ 
tant  open  source  advantage. You  must  also  consider  the 
necessary  port  density  required  for  your  network,  as  per¬ 
formance  will  degrade  at  least  linearly  as  you  add  more 
ports,  and  most  servers  have  a  limited  number  of  NIC 
slots  available. 

Bass  is  technical  director  and  Zabala  a  network  engineer 
at  the  Centennial  Networking  Lab  of  North  Carolina  State 
University  in  Raleigh.  CNL  tests  network  equipment  and  net¬ 
work-attached  devices  for  interoperability  and  perfor¬ 
mance. They  can  be  reached  at  john_bass@ncsu.edu  and 
jzabala@cnl.  ncsu.  edu,  respectively. 


Lab  Alliance 


■  Bass  also  is  a  member  of  the  Network  World  Lab  Alliance,  a 
cooperative  of  the  premier  testers  in  the  network  industry,  each 
bringing  to  bear  years  of  practical  experience  on  every  test.  For 
more  Lab  Alliance  information,  including  what  it  takes  to  become 
a  partner,  go  to  www.networkwoiid.com/alliance. 

Other  members:  Mandy  Andress,  ArcSec;  Travis  Berkley, 
University  of  Kansas;  Jeffrey  Fritz,  University  of  California,  San 
Francisco;  James  Gaskin,  Gaskin  Computing  Services;  Thomas 
Henderson,  ExtremeLabs;  Miercom,  network  consultancy  and  prod¬ 
uct  test  center;  Christine  Perey,  Perey  Research  &  Consulting; 
Barry  Nance,  independent  consultant;  David  Newman,  Network  Test; 
Thomas  Powell,  PINT  Joel  Snyder,  Opus  One;  Rodney  Thayer 
Canola  &  Jones;  Sam  Stover,  independent  consultant 
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Vendor  Solutions  for  Your  IT  Challenges 


COMPANY:  Netcordia 


COMPANY:  The  Siemon  Company™ 


OVERVIEW:  Founded  in  2000,  Netcordia  develops 
NetMRI,  an  automated  Best  Practices  based  network 
management  appliance.  NetMRI  is  the  most  comprehen¬ 
sive,  fully  integrated  network  diagnostic  tool  for  enter¬ 
prise  and  government  networks. This  plug  and  play  unit 
allows  a  network  engineer  to  easily  and  quickly  identify 
issues  with  respect  to  VoIP,  configuration  compliance, 
VLAN,  and  IP  within  the  network. 

CHALLENGE:  As  technology  is  becoming  an  integral 
part  of  everyday  business,  enterprises  are  placing  more 
rigorous  demands  on  their  networks,  expecting  high 
reliability,  rapid  response  time,  consistency  and  compli¬ 
ance.  These  demands  have  network  engineers  searching 
for  a  way  to  proactively  and  cost-effectively  manage  the 
network  infrastructure  without  utilizing  too  much  staff 
time  and  energy. 

SOLUTION:  Netcordia  provides  the  solution  with 
NetMRI,  an  award-winning  network  analysis  appliance 
that  goes  beyond  reporting  to  provide  analysis  based 
upon  expert  rules  and  best  practices.  With  NetMRI,  net¬ 
work  managers  can  optimize  their  networks,  pinpointing 
and  solving  present  and  potential  hot  spots.  What  may 
have  previously  taken  numerous  IT  professionals  hun¬ 
dreds  of  hours  to  uncover,  a  single  NetMRI  unit  now  easily 
finds  in  minutes. 

Monitoring  and  network  management  tools  typically 
capture  statistics  from  interfaces,  links  and  protocols, 
draw  maps  and  graphs  and  send  real  time  alerts  about 
fault  conditions.  NetMRI  correlates  the  statistics  and 
applies  rules  of  logic  for  troubleshooting  in  a  useful 
browser-based  view  or  report.  NetMRI  takes  the  next  step 
with  its  configuration  capabilities  that  allow  customers  to 
automatically  fix  problems,  and  create  their  own  custom 
best  practices.  NetMRI  establishes  accuracy,  integrity  and 
reliability  in  significantly  less  time  than  legacy  offerings. 


OVERVIEW:  Established  in  1903,  Siemon™  special¬ 
izes  in  the  manufacture  and  innovation  of  high- 
performance  network  cabling  solutions.  One  of  only 
three  network  cabling  companies  with  true  global 
capabilities,  Siemon  offers  the  most  comprehensive 
suite  of  copper  and  fiber  cabling  systems  available. 

With  over  400  active  patents  specific  to  structured 
cabling,  Siemon  Labs™  invests  heavily  in  R&D  and 
industry  standards,  underlining  the  company's  long¬ 
term  commitment  to  its  customers  and  the  industry. 

CHALLENGE:  According  to  the  London  Metal 
Exchange,  the  price  of  copper  has  tripled  in  the  past 
four  years,  rising  over  59%  between  January  and  May 
of  2006  alone.  With  copper  prices  soaring  globally  and 
showing  little  signs  of  stabilizing,  network  cabling  com¬ 
panies  have  been  forced  to  adjust  copper  cable  pricing 
accordingly. 

SOLUTION:  Through  the  standards-accepted  practice 
of  cable  sharing,  Siemon's  fully-shielded  category  7/class 
FTERA®  cabling  system  allows  up  to  4  applications  to 
run  over  a  single  cable,  potentially  reducing  the  num¬ 
ber  of  copper  cabling  channels.  By  virtue  of  individually 
foil-wrapped  pairs  and  overall  screen,  S/FTP  cable  allows 
multiple  applications  to  run  without  internal  interference. 

S/FTP  cable  construction  is  further  supported  by  the 
TERA  4-quandrant  isolated  outlet  which  can  be  easily 
terminated  in  less  than  3  minutes.  Fitting  within  a  stan¬ 
dard  RJ  footprint,  the  combination  of  the  TERA  outlet 
and  TERA  to  RJ  patch  cords  allows  simple  facilitation  of 
cable  sharing.  As  with  traditional  cabling  channels,  all 
four  pairs  of  each  cable  are  terminated  in  a  single  outlet. 
However,  unlike  an  RJ  interface,  the  TERA  outlet  can 
support  up  to  4  one-pair  cords,  2  two-pair  cords  or  a 
combination  of  the  two,  without  the  need  for  additional 
splitters  or  adapters. 


♦  DiagnosticBase™  best  practices  built  in 

*  Automatically  discovers  entire  infrastructure, 
analyzes  it,  and  makes  suggestions 

•  Easy  to  understand,  self  running 

*  Low  total  cost  of  ownership 


:ordia‘ 


410-286-6161 
Vw^v;. netcordia.com 


Depending  on  the  applications,  a  singleTERA  cable  can 
replace  up  to  4  copper  channels.  With  copper  prices 
significantly  raising  the  cost  of  cable,  this  reduction  in 
total  cable  runs  can  provide  an  immediate  cost  benefit. 

Siemon's  in-depth  whitepaper  detailing  the  practice  of 
cable  sharing  is  available  online  at  www.siemon.com 
or  at  www.networkworld.com 


S  I  E  llffl  O  l\T 


800-945-4200 

www.siemon.com 


COMPANY:  Diskeeper  Corporation 

OVERVIEW:  Diskeeper  Corporation  is  best  known  for 
Diskeeper®, The  Number  One  Automatic  Defragmenter™. 
With  over  20  million  licenses  sold,  corporations  world¬ 
wide  rely  on  Diskeeper  to  provide  unparalleled  speed 
and  reliability  on  their  workstations  and  servers.  The 
company  also  provides  real-time  data  protection  and  in¬ 
stant  file  recovery  with  Undelete®  and  automated  patch 
and  systems  management  with  Sitekeeper®. 

CHALLENGE:  Even  with  all  the  new  technologies 
in  data  storage,  the  disk  is  still  the  weakest  link  in  a 
computer.  SATA  is  improving  workstation  performance, 
and  RAID  (typically  SCSI)  is  the  norm  on  production 
servers.  Even  storage  virtualization  in  the  form  of  SANs  is 
helping.  However,  other  than  defragmentation  software, 
no  solution  —  hardware  or  software-based  —  is  able 
to  solve  the  age-old  issue  of  file  fragmentation.  While 
specialized  defragmentation  software  exists  to  solve  it,  it 
must  properly  integrate  with  business  operations  or  else 
its  value  is  irrelevant. 

SOLUTION:  Large  disks,  multimedia  files,  applications, 
operating  systems,  system  updates,  virus  signatures  — 
all  dramatically  increase  the  rate  of  fragmentation.  If  frag¬ 
mentation  is  not  addressed  daily,  system  performance 
will  suffer.  Fragmentation  increases  the  time  to  access 
files  for  all  common  system  activities  such  as  opening 
and  closing  Word  documents,  searching  for  e-mails, 
opening  Web  pages  and  performing  virus  scans,  and 
executing  database  searches  and  transactions. To  keep 
performance  at  peak,  defragmentation  must  be  done 
daily  on  all  systems. 

IT  Managers  use  Diskeeper's"Set  It  and  Forget  It" operation 
for  automatic  network-wide  defragmentation.  Customers 
agree  Diskeeper  maintains  the  performance  and  reliability 
of  all  their  desktops  and  servers,  even  reducing  mainte¬ 
nance  and  increasing  hardware  life. 

Every  system  on  your  network  needs  Diskeeper,  the 
Number  One  Automatic  Defragmenter.  Special  offer: 

Try  Diskeeper  1 0  FREE  for  45  days!  Download  at 
www.diskeeper.com/nww5  (Note:  Special  45-day 
trialware  is  only  available  at  the  above  link). 

Volume  Licensing  and  Government/Education  discounts 
are  available  from  your  favorite  reseller  or  call  800-829- 
6468  Ext.  4371. 


800-829-6468  Ext.  4371 
www.diskeeper.com/nww5 
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Writing  the  book  on  IT 

Techies-turned-authors  put  their  expertise  in  print. 

BY  PHIL  HOCHMUTH 

In  the  IT  realm,  there  are  newbies,  novices,  experts  and  gurus  —  and 
then  there  are  published  authors.  It  takes  a  certain  level  of  expertise, 
self-confidence,  self-promotion  and,  above  all,  good  grammar  and  writ¬ 
ing  skills,  to  make  the  jump  from  IT  professional  to  IT  author. 

The  path  from  IT  or  network  professional  to  IT/net- 
work  book  author  can  be  as  circuitous  as  a  packets 
path  across  the  Internet.  IT  pros  who  have  written 
books  in  the  areas  of  their  expertise  come  from 
varying  backgrounds  —  from  English  majors  turned 
techies,  to  engineers  with  excellent  grammar  and 
punctuation  skills.Those  whose  names  have  made  it 
to  Amazon.com  and  the  computing/technology 
shelves  of  Barnes  &  Noble  offer  a  few  suggestions: 
know  what  you’re  talking  about;  research  it  again; 
and  plan  some  long,  hard  hours  of  word-processing. 

Compensation  for  books  varies  widely  by  pub¬ 
lisher,  according  to  IT  authors  who  have  been 
through  the  publishing  process.  Some  publishing 
houses  give  advances  to  authors,  while  others  pro¬ 
vide  royalties  based  on  the  amount  of  books  sold. 

Michael  W  Lucas,  author  of  Cisco  Routers  for  the 
Desperate,  says  that  from  taking  money  upfront 
may  be  tempting,  but  holding  out  for  royalties  is 
worth  it.“You  make  far  more  if  you’re  willing  to 
wait  for  your  money  and  take  only  royalties,”  he 
says.“But  if  you  need  the  cash  right  now,  you  can 
take  that  option.  If  you  take  an  advance,  it’s  impor¬ 
tant  to  remember  that  that’s  probably  all  the 
money  you’ll  see  from  the  book.  Very  few  books 
earn  out  their  initial  advances.” 

While  it  may  seem  obvious,  one  prerequisite  for  aspir¬ 
ing  IT  authors  is  to  know  what  they  are  talking  about. 

‘There’s  a  large  gap  between  knowing  something  well 
enough  to  do  your  job  and  knowing  it  well  enough  to  be 
able  to  write  a  book  about  it  —  and  to  not  to  receive 
pointed  e-mails  from  readers  of  the  book  calling  you  an 
idiot,”  Lucas  says. 

Unlike  blogs  or  some  Web-based  how-to  sites,  technical 
books  will  be  your  final  word  on  a  topic  in  a  format  that 
cannot  be  changed. 

“When  you’re  writing  a  book,  it’s  out  there  forever”  says 
James  Trulove, author  of  LAN  Wiring  (third  edition), Build 
Your  Own  Wireless  LAN  and  Broadband  Networking. You 
really  have  to  be  right.” 

This  means  that  as  much  as  a  writer  may  think  he  knows 
about  a  subject,  there  is  always  more  to  learn. 

For  Trulove,  this  involved  lots  of  primary  research;  802.3 
documents  from  the  IEEE  became  regular  reading  when 
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he  was  penning  a  tome  on  Ethernet  and  network  cabling. 

“Don't  kid  yourself;  this  is  a  lot  of  work,”  he  says. 
Ultimately  the  research  made  his  books  stronger  and 
taught  him  some  new  things  on  topics  he  thought  he 
knew  completely. 

Just  as  important  as  writing  accurately  is  writing  clear, 
understandable  prose,  authors  say  Misunderstanding  or 
misinterpreting  correct  information  is  just  as  bad  as  read¬ 
ing  incorrect  information,  they  say 

“Knowing  the  audience  you’re  writing  for  is  important,” 
Trulove  says.“You  have  to  write  so  that  any  reader  can 
understand  it,  not  just  someone  with  your  same  skills  and 
knowledge.” 

Others  think  of  it  in  programming  terms. 

“You  have  to  edit  your  words  just  like  you  would  do 
[quality  assurance]  on  your  code,” says  Priscilla  Oppen- 
heimer,  author  of  Troubleshooting  Campus  Networks." Once 
you’ve  written  something,  leave  it  aside  for  day  and  try  to 
read  it  again  to  get  rid  of  all  extra  verbiage.” 


Reading  the  text  out  loud  or  having  it  read  by  someone 
who  speaks  English  as  a  second  language  are  also  good 
techniques  for  ensuring  that  your  technical  prose  is 
understandable.The  latter  technique  is  especially  impor¬ 
tant,  with  the  swelling  ranks  of  IT  professionals  with  inter¬ 
national  backgrounds. 

Choosing  the  right  topic  is  key  in  getting  the  attention  of 
technical-book  publishers,  IT  authors  say.  Finding  a  niche, 
or  working  with  a  technology  in  the  early  stages  of  its 
development  are  some  paths  to  publishing  success. 

“Working  on  something  that’s  new  or  timely  is  impor¬ 
tant, ’’Trulove  says.  Before  writing  his  first  book, Trulove  was 
busy  extending  RS-232  terminals  with  twisted-pair  network 
cabling  —  a  relatively  new  medium  in  the  industry  Later 
he  was  involved  with  companies  that  were  among  the 
first  to  transition  from  LAN  coaxial  cable  to  twisted  pair. 

“I  was  in  on  those  technologies  very  early,  which  gave 
me  some  good  material  on  a  technology  that  was 
new  and  hot.” 

Finding  a  new  angle  on  a  topic  is  another  method 
to  consider.  Oppenheimer  says  few  network  how-to 
books  then  provided  a  systematic  approach  to  net¬ 
work  design.  Working  as  a  programmer  for  Cisco  at 
the  time,  she  says  that  bringing  a  methodology  to  the 
book  helped  fill  a  gap  in  the  market. 

“We  learned  the  hard  way  that  you  can’t  just 
throw  things  together,  which  is  how  a  lot  of  net¬ 
works  used  to  be  built  at  the  time,” she  says. 

Lucas  also  took  a  different  slant  on  a  widely  cov¬ 
ered  technical  topic  when  writing  his  Cisco  book. 

“There  are  many  big  thick  books  on  Cisco,”  Lucas 
says. “Cisco  technology  is  powerful,  and  you  can  do 
huge  amounts  of  things  with  it,  but  90%  of  Cisco 
users  only  use  5%  of  the  technology  So  1  decided  to 
write  a  book  about  that  5%.” 

The  initial  draft  for  the  book  came  as  a  result  of 
documentation  he  had  written  for  a  tricky  router 
configuration  at  his  former  job  at  an  Internet  ser¬ 
vice  provider.“I  had  to  write  it  all  up  anyway  so  I  fig¬ 
ured  I  may  as  well  polish  it  up  a  little  more  and 
make  a  book  out  of  it,”  Lucas  says. 

For  the  BSD  operating  system,  Lucas  found  many 
anecdotal  tips  and  mailing  list  threads,  but  no  big 
books  on  the  topic. 

“I  essentially  spent  a  year  reading  mailing  archives 
and  translating  the  hurried  notes  of  very  smart  people 
into  English.”The  results  were  Absolute  BSD  and 
Absolute  OpenBSD. 

Hot  or  topical  technologies  may  get  the  attention  of 
publishers,  but  writing  on  the  subject  is  a  careful  bal¬ 
ance  of  specifics  and  generalities,  as  books  on  hot  IT 
topics  can  have  short  shelf  lives. 

Lucas  says  that  in  his  first  book,  he  outlined  specific 
instructions  on  how  to  install  a  piece  of  software  from  a 
certain  vendor. Two  weeks  before  the  publishing  date, 
the  vendor  changed  the  installation  process,  requiring  a 
last-minute  edit. 

Other  technical  areas  have  greater  shelf  life.“Lots  of 
Unix  commands  have  been  around  for  30  years,”  he 
says.“In  Cisco  command-line  interface,  they  may  add 
new  things,  but  commands  that  worked  10  years  ago 
generally  stay  in  the  code  base.”* 
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CONSOLE  MANAGEMENT  SWITCH 


The  CMS-6R4  Console  Management  Switch  is  the  ultimate  tool  for  economical 
Remote  Network  Management.  Six  serial  ports  to  access  you  equipment’s  console 
ports,  Four  power  outlets  to  perform  remote  reboot  or  On/Off  control  plus  an  internal  modem 
with  dial-back  features  for  secure  out-of-band  access  -  all  in  a  space  saving  1U  package!  System 
administrators  can  access  remote  devices  from  anywhere  via  telnet,  dial-up,  local  terminal  or  KVM  switch. 
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Web  Browser  Access  for  Easy  Setup  and  Operation 
Telnet,  Internal  Modem  and  Serial  Access 
Four  individually  Switched  Power  Outlets 
Six  DB-9  Serial  Console  Ports 
Port  Specific  Password  Protection 
Dial-Back  Security  on  Modem  Port 
Requires  Only  One  Rack  Unit 
Non-Connect  Port  Buffering 
Data  Rate  Conversion 
120  VAC  Model  -  NEMA  5-15  Outlets 
208/240  VAC  Model  -  IEC320  Outlets 


I  a  cation:  WT1  Demo  Room,  Irvine,  CA 


Chanoe  Network  Parameters 


Yes,  We  are  Customer  Friendly! 


Visit  Website  for  Complete  NetReach™  Product  Line 

(800)  854-7226  •  www.wti.com 
5  Sterling  •  Irvine  •  California  92618-2517 
(949)  586-9950  •  Fax:  (949)  583-9514 


✓  Two  Year  Warranty 

✓  We  Stock  for  Same  Day  Shipment 

✓  30  Day  Return  Policy 

✓  Call  or  Email  for  an  Online  Demo 


western  telematic  incorporated 


Server  Technology 


How  Do  You  Distribute 
Power  in  Your  Data 


Solutions  for  the  Data  Center  Equipment  Cabinet 


The  Sentry  CDU  distributes  power  for  Blade 
servers  or  up  to  42  dual-power  1U  servers 
in  one  enclosure.  Single  or  3-phase  input 
with  110VAC,  208VAC  or  mixed  110/208VAC 
single-phase  outlet  receptacles. 

Metered  CDU 

>  Local  input  Current  Monitoring 

Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology,  Inc.  toll  free  +1.800.835.1 51 5 
1040  Sandhill  Drive  tel  +1.775.284.2000 
Reno,  NV  89521  fax +1.775.284.2065 

USA  www.servertech.com 

sales@servertech.com 
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Current  sniffer  can't  keep  up? 


Clear  out  problems  with  Observer  11.  Now  with  enterprise-strength  VoIP  analysis.  Includes  enhanced  VoIP  troubleshooting, 
integrated  NetFlow  and  sFlow®  support,  MultiHop  Analysis,  and  64-bit  Windows  scalability.  It's  time  to  reset  your  analyzer. 


Wired  to  wireless .  LAN  to  WAN.  One  network  -  complete  control. 


NETWORK 

INSTRUMENTS 


US  &  Canada  UK  &  Europe 

toil  free  800.526.5958  +44  (0)  1 959  569880 

www.networkinstruments.com/analyze 


enhanced  VoIP  support 
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RELAX.  YOU’RE  IN  CONTROL  NOW. 

Manage  remote  offices  from  wherever  you  are. 

Secure  your  Data  Center.  No  software  licensing  fees. 


State  of  the  art  security 

Dependable,  Powerful,  Secure,  Guaranteed 

24/7  Mission  Critical  Reliability 
Industry  Best  Video 
USB,  PS/2,  Serial  Support 
Single,  Dual,  Quad  Models 


::  UltraLink™ 
Digital  KVM  IP 


Digital  KVM  IP 
Switches 

Switch  &  control  1,000s 
of  computers  &  network 
devices  over  IP 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


Multi-platform 
KVM  switches 

Switch  &  control  l,OOOs  of 
computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


KVM  Extenders 


Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

Fiber,  CATx 
DVI,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


KVM  Rack  Drawers  Panel  Mount  LCD 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U 

15",  17",  19"  or  20" 
VGA,  DVI 
PS/2,  USB,  or  Sun 
Touchpad  or  Trackball 
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Mounts  vertically  in  a 
standard  19"  rack. 

15",  17",  19",  20",  or  23" 

VGA,  DVI,  S-Video 

Optional  Touchscreen 

Optional  Built-in  KVM  Extenders  , 


ROSE  US  281  933  7673 

ROSE  EUROPE  +44  (0)  1264  85057 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


www.rose.com 

281  933  7673  800  333  9343 

ROSE  ELECTONICS  10707  STANCUFF  ROAD  -  HOUSTON,  TEXAS  77099 


ROSE 

ELECTRONICS 
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MARKETPLACE  «w» 


Instantly  Search  Terabytes  of  Text 


images 


♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF,  while  displaying  links,  formatting  and 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email  and 
attachments,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

♦  Spider  supports  static  and  dynamic  Web  content,  with  WYSWYG  hit-highlighting 

♦  API  supports  .NET/. NET  2.0,  C++,  Java,  SQL  databases.  New. NET/. NET  2.0  Spider  API 


dtSearch®  Reviews 


♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 

and  returns  results  in  less  than  a  second"  -  InfoWorld 

♦  "For  combing  through  large  amounts  of  data,  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  "Blindingly  fast"-  Computer  Forensics:  Incident  Response  Essentials 

♦  "Covers  all  data  sources  ...  powerful  Web-based  engines"-  eWEEK 

♦  "Searches  at  blazing  speeds"-  Computer  Reseller  News  Test  Center 

♦  "The  most  powerful  document  search  tool  on  the  market"-  Wired  Magazine 
For  hundreds  more  reviews  —  and  developer  case  studies  —  see  www.dtsearch.com 


Contact  dtSearch  for  fully-functional  evaluations 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


1-800-IT-FINDS  •  www.dtsearch.com 
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FACTORY  ORIGINAL  MEMORY 


BRAND  NAME  ORIGINAL  MEMORY 


Order  online  and 
enter  discount  code 
"NETWW5" 
for  5%  off  of 
your  memory  order. 


Buy  Top  Quality 
Original  or 
100%  Compatible 
Memory  for  Your 
Desktop,  Laptop  or 
Server. 


lemory5tore.com 
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877-ADD-RAM9 

(877-233-7269) 


2000  Company 


Terminal  server  vendors,  who  proclaim  that 
they  have  Secore  Out  Ot  Band  products,  rely 
on  RADIUS,  TACACS+  and  other  in-band 
protocols  to  provide  security.  By  inference, 
they  imply  they  secure  out  o!  band  access 
when,  in  tact,  they  otter  only  network  security, 
which  conflicts  with  out  ot  band  access. 


A  true  Secure  Out  ot  Band  Management 
solution  should  provide  strong  security  without 
reliance  upon  network  based  protocols. 


CDI  offers: 

Hardware  encryption  over  dial-up 
and  network  connections 
RSA  certified  SecurlD  authentication 
without  a  network. 

Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications  *- 

Remote  Power  control  •- 

Homologous  world-wide  approved  •- 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


Let  the  Model  135 
Monitor  Your  Site 


The  Model  135  Site  Monitor  is  designed  to  serve  as  your 
"resource  kit”  for  monitoring  and  maintaining  computer, 
communications,  and  specialized  equipment  locations. 

With  a  wide  range  of  built-in  capabilities,  it’s  easy  to  tailor 
a  powerful  site-specific  solution. 

Highlights  include  10/100  Ethernet  and  analog  modem 
connectivity,  serial  port  access  and  text  data  "matching,” 
AC  and  DC  voltage  monitoring,  ping  testing,  and  contact 
closure  inputs  and  outputs.  And  the  web-based  interface 
makes  setup  and  use  a  straight-forward  process. 

For  complete  details  on  the  Model  135,  give  us  a  call  or 
visit  www.gkinc.com/cp/ 
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Gordon  Kapes,  Inc. 

Skokie,  IL  USA  |  Ph  847-676-1750  |  www.gkinc.com/cp/ 


TAP  Into  Your  Network 

www.networkTAPs.com 


Unlike  a  SPAN  port,  TAPs  guarantee  a 
complete  copy  of  full-duplex  data  at  line 
rate  for  your  monitoring  device.  The  result? 
Knowing  you  have  the  entire  picture  before 
making  important  network  decisions. 

Learn  more.  Visit  www.networkTAPs.com 


Copper  nTAPs 

10/100  . $395 

10/100/1000  . $795 

. 

Copper  to  Optical  Conversion  nTAPs 
SX  or  LX . $1,495 

Optical  nTAPs 

One-Channel  . . $295 

Two-Channel  . .  $575 

Three-Channel  §v . $845 

m 


■  ■ 

Choose  from  a  variety  of  configurations,  options,  and  pricing. 

Free  overnight  delivery* 

www.networkTAPs.com  •  1-866-GET-nTAP 


PS  C€  ®  X 


'Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  12  p.m.  Central  Time. 
nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 


Production  Tracking  Over  Ethernet 
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Eliminate  your  shop-floor 
PCs  with... 

Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  £  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 

Program  Included  _  _ 

•  Larger  keyboard  and 
display  sizes  available 

CdMirnitWISE. 

Call  1-800-255-3739  or  visit  www.CDmputerwlse.G0in 


info@recurrent.com 

EeCHfikR^t 

3431  De  La  Cruz  Blvd.  Santa  Clara,  CA  95054  i-. 


www.networkworld.com/RM6SF1 


FIBER  OPTIC  SOLUTIONS 


•  Tl/EI  S  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Elhernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  I S  0  -  9  0  0 1 

•  USB  Modem  and  Hub 
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Toil  Free  866-SITech  1 
630-761-3640,  Fox  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber  com 
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Sales  Offices 


New  York/New  Jersey 

Tom  Davis.  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rccco,  Regional  Account  Director 
Agata  Joseph,  Sr.  Account  Coordinator 
Internet:  tdavis,  elisas,  ajoseph@nww.com 
(201)  634-2300/FAX:  (201)  634-9286 


Northeast 

Elisa  Della  Rocco,  Regional  Account  Director 

Internet:  elisas@nww.com 

(508)  460-3333/FAX:  (508)  460-1237 


Mid-Atlantic 

Jacqui  DiBianca,  Regional  Account  Director 

Internet:  jdibian@nww.com 

(610)  971-1530/FAX:  (610)  975-0837  _ 


Midwest/Central 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Agata  Joseph,  Sr.  Account  Coordinator 
Internet:  tdavis,  ajoseph@nww.com 
(201)  634-2314/FAX:  (201)  712-9786 


# 


Southeast 

Don  Seay,  Regional  Account  Director 

Internet:  dseay@nww.com 

(404)  504-6225/FAX:  (404)  504-6212 


Northern  California/Northwest 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Karen  Wilde,  Regional  Account  Director 
VanessaTormey,  Regional  Account  Director 
Jennell  Hicks,  Regional  Account  Director 
Jennifer  Hallett,  Account  Coordinator 
CyrilTalusan,  Account  Coordinator 
Internet:  skupiec,  kwilde,  vtormey,  jhicks,  ctalusan, 
jhallett@nww.com 

(510)  768-2800/FAX:  (510)  768-2801  

Southwest/Rockies 

Becky  Bogart,  Regional  Account  Director 

Internet:  bbogart@nww.com 

(949)  250-3006/FAX:  (949)  833-2857  

Online/Integrated  Solutions 

Kevin  Normandeau,  Exec.  Vice  President/General  Mgr.,  Online 

Susan  Cardoza,  Associate  Publisher,  Online 

Stephanie  Gutierrez,  Online  Account  Manager 

Debbie  Lovell,  Online  Account  Manager 

Kate  Zinn,  Online  Account  Director 

Denise  Landry,  Account  Coordinator 

LisaThompson,  Account  Coordinator 

Internet:  knormandeau,  scardoza,  sgutierrez,  dlovell, 

kzinn,  dlandry,  lthompson@nww.com 

(508)  460-3333/FAX:  (508)  861-0467 


MARKETPLACE/EMERGING  MARKETS 

Donna  Pomponi,  Director  of  Emerging  Markets 

Enku  Gubaie,  Manager  of  Marketplace/Emerging  Markets 

Caitlin  Horgan,  Manager  of  Marketplace/Emerging  Markets 

Chris  Gibney,  Sales  Operations  Coordinator 

Internet:  dpomponi,  egubaie,  chorgan,  cgibney@nww.com 

(508)  460-3333/FAX:  (508)  460-1192 
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Network  World  Events  and  Executive  j 
Forums  produces  educational  events 
and  executive  forums  worldwide, 
including  our  one  day  Technology  Tours,  j 
customized  on-site  training,  and  executive  forums  such  as  DEMO®, 
DEMOmobile®,  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX  j 
Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800-6434668  or  go  to  www.networkworld.com/events.  I 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500  and 
up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 
1900  x128or  E-mail:  networkworld@reprintbuyer.com. 
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“Faster!"- even  if  the  apps  are  inefficient. 

“Faster!”—  even  if  the  architecture  is  weak. 


Who  should  attend? 

>  Network  and  IT  Managers 

>  Network  and  IT  Directors 

>  Directors  of  Operations 

>  CIO’s  and  CTO’s 
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“FASTER!!”- even  if  the  support  is  missing. 

In  the  drive  for  better  performance,  greater  efficiency,  and  better  ROIs,  there’s  just  one  demand,  no 
excuses,  and  dozens  of  questions  you  need  to  answered  fast: 

►  Is  it  better  to  implement  in-house  solutions?  Or  trust  outside  managed-service  providers? 

►  Deploy  dedicated,  single-benefit  appliances?  Or  build  flexible,  enterprise-wide  platforms? 

►  Be  lean,  technically-efficient,  and  centrally-driven?  Or  scalable,  management-transparent,  and  user-accessible? 

►  Sacrifice  a  little  security  for  a  lot  of  speed?  Or  sacrifice  guaranteed  profits  for  uncertain  protection? 

The  fastest  way  to  arrive  at  a  solution?  Attend  Network  &  Application  Acceleration:  Shifting 
to  a  Higher  Gear  the  new  Network  World  LIVE  Technology  Tour  event  coming  in  October.  Let 
industry  expert  Jim  Metzler  accelerate  your  understanding  of  the  truths  and  tradeoffs  of: 

Server  Consolidation  •  Compression  •  Caching  •  Differencing  •  Read  Ahead  •  TCP  acceleration  •  Route 
Control  •  QoS  •  MPLS  •  SSL  Offload  •  Load  Balancing  •  Wide-Area  File  Systems  (WAFS) 

This  is  the  kind  of  inside,  fast-lane  knowledge  you  need  in  today’s  world  of  network  and  appli¬ 
cation  acceleration.  And  the  only  way  to  this  expertise  free  is  to  reserve  a  seat  for  at  this  event 
for  yourself.  After  all, your  enterprise’s  need  for  speed  is  relentless.  And  thanks  to  Network 
World,  there’s  no  excuse  for  falling  behind! 
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Microsoft 

continued  from  page  1 

on  64-bit  desktop  systems,  which 
are  not  prevalent  in  the  enterprise 
but  are  expected  to  ramp  up. 

The  other  feature  is  Vista’s 
Windows  Security  Center,  which 
can  not  be  turned  off.  McAfee  offi¬ 
cials  say  that  means  third-party 
vendors  can’t  install  their  own 
security  management  consoles. 

“Microsoft  will  have  to  budge  on 
this,  say  worst-case  scenario  in 
Service  Pack  1  ”  says  John  Fesca- 
tore,  an  analyst  with  Gartner.  “It’s 
not  a  major  issue  now,  but  you 
look  out  a  couple  of  years  and  it 
will  be. Microsoft  has  to  make  sure 
there  is  a  level  playing  field.” 

With  SPP  the  question  is  what 
the  playing  field  will  look  like. 

Some  are  already  playing  what- 
ifs,  especially  given  that  servers 
and  server  applications,  such  as 
Exchange  and  SQL  Server,  will 
eventually  incorporate  SPP  Also, 
Microsoft  will  support  SPP  in  cur¬ 
rent  and  future  reporting  and  asset 
management  tools  such  as  System 
Center  Operations  Manager. 

“On  paper  it  might  sound  pretty 
good,  but  we  have  to  see  how  it 
works,”  says  Jeff  Allred,  manager  of 
network  services  for  the  Duke 
University  Cancer  Center  in  Dur¬ 
ham,  N.C.  One  of  his  concerns  is 
that  a  reduced  functionality  mode 
kicks  in  three  days  after  changing 
out  a  motherboard  in  a  server  if 
the  software  is  not  revalidated. 

“We  change  out  motherboards 
in  our  servers  all  the  time,”  he 
says.  The  provision  only  covers  a 
swap  with  a  non-OEM  mother- 

Reduced 

^nationality 

If  a  Vista  desktop  goes  into 

Reduced  Functionality 

Mode,  the  user  will  get  a 

very  different  experience, 

including: 

*  No  start  menu. 

*  Desktop  icons  removed. 

*  Desktop  background  changed  to 

black. 

•»  User  automatically  logged  out 
after  one  hour  without  warning 
(but  car.  sign  back  iri). 

*  Aero,  ReadyBoost  features 
disabled. 

*»  Some  Windows  Defender  features 
lost. 


Step  program  for  Volume  Activation  2.0 

Microsoft  says  that  its  new  methods  for  activating  volume- 
licensed  products  may  require  some  additional  planning  and 
management.  The  company  offers  five  steps  users  will  have 
to  consider  to  figure  out  the  best  plan  for  their  organization. 

1.  Learn  how  Volume  Activation  2.0  functions  using  the  Business  Desktop  Deployment 
guide. 

2.  Determine  which  computers  can  run  under  the  Volume  Activation  2,0  solution 
(must  have  more  than  25  computers  to  use  Volume  Activation  2.0), 

3.  Install  the  Key  Management  Service  to  support  activations  that  need  to  be 
validated  every  180  days. 

4.  Set  up  reporting  and  ongoing  maintenance/troubeshooting  using  a  Microsoft 
Operations  Manager  add-on,  the  new  Volume  Activation  Management  Tool  or  a  third- 
party  application. 

5.  Distribute  support  scripts  to  help  desk  to  handle  such  issues  as  conversion  from 
Volume  Activation  system  to  one-time  activation  system. 


board,  which  Allred  admits  does¬ 
n’t  happen  often. 

“But  if  you  start  linking  software 
or  [operating  system]  validation 
with  hardware  the  room  for  things 
to  break  is  huge,”  he  says. 

He  also  is  concerned  about  an 
SPP  component  called  the  Key 
Management  Service  (KMS), 
one  of  two  options  that  acts  as  a 
source  internally  to  activate 
software. 

“We  run  several  terminal  servers, 
including  a  licensing  server.  The 
other  morning  people  are  calling 
my  help  desk  and  saying  there  are 
no  more  terminal  server  licenses.  I 
immediately  log  in  to  the  license 
server  and  35  are  available.  A  blip 
like  that  could  be  crippling  if  the 
key  service  does  not  function 
properly^  Allred  says. 

Under  SPP  which  debuts  in 
Windows  Vista  and  Longhorn 
Server,  Microsoft  software  that  is 
found  not  to  be  genuine  will 
warn  the  user  and  eventually  go 
into  reduced-functionality  mode 
(RFM)  until  it  is  activated  with  a 
product  key. 

The  majority  of  consumers  and 
businesses  buying  OEM  machines 
will  have  their  software  preacti¬ 
vated,  but  SPP’s  Volume  Activation 
2.0  provision  will  change  the 
game  for  corporations. 

Microsoft  says  users  will  have 
better  tracking  for  their  installa¬ 
tions,  better  compliance  tools  and 
better  license  management. 

“SPP  involves  an  added  step, 
which  is  the  IT  pro  has  to  do  some 
planning,”  says  Thomas  Linde- 
man,  senior  product  manager  for 
SPP’But  we  are  confident  that  the 
planning  and  deployment  will  be 
a  small  impact  overall  in  the  de¬ 
ployment  of  Vista.” 


But  users  want  more  details, 
such  as  how  RFM  works  on  Long¬ 
horn  Server.  For  now,  RFM  is  only 
defined  for  Vista. 

Today,  volume-licensing  cus¬ 
tomers  purchase  software  bits 
and  use  product  keys  to  install 
and  activate  those  bits  on  com¬ 
puters.  Under  SPP  volume¬ 
licensing  customers  can  use  a 
multiple  activation  key  (MAK) 
to  conduct  a  one-time  activa¬ 
tion  directly  with  Microsoft  on 
desktops  and  servers  or  a  KMS 
deployed  internally. 

With  the  KMS,  servers  and  desk¬ 
tops  would  have  to  reactivate 
every  180  days,  excluding  a  30-day 
grace  period  to  correct  any  failed 
activations.  The  KMS,  which  can 
be  hosted  on  Vista  or  Longhorn, 
would  store  all  keys  encrypted  in 
a  centralized  store,  whereas  today 
those  product  keys  are  stored  on 
the  individual  computers. 

In  spring  2007, Microsoft  plans  to 
port  KMS  to  Windows  Server  2003 
and  add  management  features  for 
KMS  to  System  Center  Manage¬ 
ment  Server  (formerly  Systems 
Management  Server).  In  addition, 
there  will  be  an  open  API  and  a 
Windows  management  interface 
for  use  with  third-party  applica¬ 
tions  such  as  Tivoli  for  checking 
the  activation  status  of  a  machine. 

The  KMS  will  require  users 
have  a  minimum  of  25  Vista  desk¬ 
tops  or  five  Longhorn  servers. 
Those  that  fall  short  will  use  the 
MAK  option. 

“The  bigger  issue  is  that  all  this  is 
a  good  indication  of  what  we  can 
expect  from  Microsoft  going  for¬ 
ward,”  says  A1  Gillen,  an  IDC  ana¬ 
lyst.  “It  will  continue  to  tighten 
down  loopholes  and  make  it  hard¬ 
er  to  pirate  Microsoft  software.”® 


Data  Domain  adds  to 
backup  performance 

BY  DENI  CONNOR 

Data  Domain  plans  to  announce  this  week  a  disk-based  backup  and 
recovery  appliance  that  is  faster  and  has  more  capacity  than  the  com¬ 
pany’s  virtual  tape  library  offerings. 

The  new  gear  consists  of  the  DDX  Series  appliance  and  two  con¬ 
trollers,  the  DD560  and  DD560/g.The  DDX  Series,  which  is  powered  by 
an  Intel  Xeon  controller,  offers  as  much  as  6.4TB  per  hour  of  through¬ 
put  and  as  much  as  15  petabytes  of  capacity  It  features  as  many  as  16 
DD560  or  DD460  controllers  and  storage  in  a  single  configuration. The 
DD560  and  DD560/g  have  a  throughput  of  400GB  per  hour  and  a  max¬ 
imum  capacity  of  980TB. 

“We  do  all  our  incremental  as  well  as  our  weekly  backups  to  the  Data 
Domain  appliance  and  then  take  our  weeklies  to  tape,”  says  Paul 
Scheib,  director  of  operations  and  CISO  at  Children’s  Hospital  in 
Boston,  which  has  deployed  two  new  DD560s  and  several  DD400s. 

The  DDX  Series  can  be  deployed  across  320  remote  locations  and  can 
be  used  for  multisite  disaster  recovery 

All  of  Scheib’s  Data  Domain  appliances  are  in  a  remote  secondary 
data  center.  “We  run  our  backups  across  the  fiber-optic  network,”  he 
says.'Tf  the  appliances  were  in  a  data  center  where  our  servers  are,  if  we 
lost  the  data  center  for  some  reason,  we  wouldn’t  have  the  safety  of  a 
remote  site  backup.” 

The  DDX  Series  uses  the  same  operating  system  as  previous  appli¬ 
ances.  It  is  available  as  the  DD560,an  appliance  that  integrates  storage 
capacity  with  the  controller,  or  as  the  DD560/g,  which  is  a  gateway  that 
connects  to  other  vendors’  storage. 

Data  Domain  appliances  also  deduplicate  backup  data  inline.  After 
the  initial  backup,  the  Data  Domain  software  reduces  the  amount  of 
data  stored  by  saving  unique  elements  of  data  to  disk. 

“Data  Domain  is  raising  the  bar  in  terms  of  scalability  by  moving  disk- 
based  data  protection  and  deduplication  into  the  mainstream  as  an 
alternative  offering  to  traditional  enterprise  VTL  solutions,”  says  Greg 
Schulz, senior  analyst  at  StoragelO. 

The  DDX  Series  competes  with  VTL  offerings  from  Copan  Systems,  HP 
and  EMC.  Unlike  the  appliances  from  these  vendors,  Data  Domain’s 
new  products  include  data  deduplication  technology  and  with  its 
DD560/g  appliance,  network-attached  storage  connectivity 

The  DD560  and  DD560/g  support  a  64-bit  operating  system  and  Data 
Domain’s  Replicator  for  WAN  Vaulting  for  disaster  recovery  The  DDX 
Series  starts  at  $95,000  for  100TB  Serial  Advanced  Technology 
Attachment  storage.  ■ 
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ForcelO  switches  take  aim  at  wiring  closets 


BY  PHIL  HOCHMUTH 

ForcelO  Networks  plans  to  enter 
the  LAN  edge/wiring  closet  mar¬ 
ket  this  week  with  new  switches 
that  bring  data-center  scale  and 
resiliency  to  the  LAN  edge. 

ForcelO  says  its  new  S-Series 
stackable  switches  can  handle 
most  of  the  tasks  required  by 
users,  including  powering  IP 
phones  and  Wi-Fi  access  points, 
providing  port-level  security  as 
well  as  fault-tolerant  network  con¬ 
nections.  The  company  says  it  has 
added  big  bandwidth,  low  latency 
and  resilient  hardware  from  its 
high-end  data  center  and  core 
products,  which  make  the  new  S- 
Series  a  solid  choice  for  a  wiring 
closet  box. 

The  S-Series  S50V  is  a  48-port 
10/ 100/ 1000Mbps  switch  with 
Power  over  Ethernet  support  on 
all  triple-speed  ports.lt  can  be  out¬ 
fitted  with  as  many  as  four  option¬ 
al  10G  Ethernet  uplinks  ports,  or 
Gigabit  ports  for  connecting  to  a 
LAN  aggregation  or  core  layer. The 
S-Series  S25V  is  a  24-port  switch 
with  two  models:  one  with  24  cop¬ 
per-based  Gigabit  Ethernet;  anoth¬ 
er  with  all  100BaseFX  fiber,  aimed 
at  the  government  market,  where 
fiber  is  required  for  security  rea¬ 
sons,  Force  10  says. 

All  three  switches  can  be 
stacked  in  configurations  of  as 
many  as  eight  boxes.  With  the 
S50Vs,  connections  up  to  96Gbps 
of  stacking  bandwidth  can  be  cre¬ 
ated  among  switches  in  an  eight- 
box  stack.  (The  switches  support 
288Gbps  of  switching  bandwidth). 

The  S-Series  switches  also  sup¬ 
port  the  802. lx  protocol  for 
authenticating  user  devices  at  the 
port  level.  When  working  with  a 
standards-based  RADIUS  authen¬ 
tication  server,  802.  lx  enables  the 
switch  to  act  as  an  authentication 
gateway  for  wired  or  wireless 
clients  connecting  to  the  network. 

The  new  S-Series  switches  are 
tweaked  versions  of  Force  10’s  pre¬ 
viously  released  S50  switch  for 
data  centers.  While  ForcelO  is 
entering  a  crowded  and  largely 
commoditized  LAN  edge  switch 
market  —  the  S50V  competes 
with  switches  such  as  Ciscos 
Catalyst  3500  and  3700  series,  as 
well  as  3Com’s  SuperStack, 
Nortel’s  BayStack  5000,  Foundry 
Networks’  Fastlron  600  and 
Extreme  Networks’  Summit  400 
series  switches  —  the  company 
says  its  customers  have  been 
clamoring  for  such  a  box  from  the 


vendor. 

At  Purdue  University,  in  West 
Lafayette,  Ind.,40  of  the  stackable 
switches  are  deployed  in  12 
wiring  closets  across  the  depart¬ 
ment  of  computer  science’s  newly 
opened  building.  A  ForcelO  E300 


switch  serves  as  the  core  switch 
for  the  department’s  network  and 
connects  to  wiring  closets  via  10G 
Ethernet. 

“There’s  a  common  perception 
[about]  ForcelO  that  they’re  really 
just  a  data  center  [switch  maker]  ” 


says  Tim  Korb,  assistant  head  of 
Purdue’s  computer  science 
department.  The  high  switching 
capacity  on  the  stackable  boxes 
provides  enough  bandwidth  for 
student,  faculty  and  research  pro¬ 
jects,  such  as  data  mining  and 


geometric  modeling. 

The  ForcelO  S50V  starts  at 
around  $9,000  and  the  S25  costs 
$10,000.  Pricing  for  both  switches 
excludes  the  cost  of  10G  Ethernet 
uplinks  modules,  which  can  range 
from  $2,000  to  $5,000  per  port.B 
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BACKSPIN 


Mark  Gibbs 


leader  Louis  Smith 
dropped  me  a  note 
l  the  other  day  to  tell 
me  a  story:  “I  am  a  support 
engineer  for  a  large  tech¬ 
nology  company  and  I  recently  purchased  a  Maxtor  exter¬ 
nal  Shared  Storage  Drive.  However,  there  was  one  feature 
that  was  not  working  —  the  sync  feature  that  keeps  the 
external  drive  in  sync  with  the  source  drive.” 

This  feature  is  important  to  Smith  so  he  went  through 
the  logical  route  to  find  a  solution;  he  checked  the  com¬ 
pany’s  online  Web  support,  called  the  standard  technical 
support  line  and  so  on. 

“Long  story  short,  I  was  told  (I  actually  have  the  quote  in 
writing  from  their  Tier  3-level  support)  that  the  problem  is 
with  my  computer . . .  that  my  registry  is  corrupted.”  We  can 
all  see  that  this  was  a  desperate  conclusion  on  the  part  of 
tech  support,  but  Smith  was  not  so  easily  thwarted.“Now, 
at  this  point,  I  could  have  easily  purchased  another  prod¬ 
uct,  but  for  the  fun  and  the  challenge  1  stuck  with  it.” 

1  think  we  can  all  agree  that  Smith  is  either  made  of 
stern  stuff  or  a  card-carrying  masochist.  We  shall  see. . . . 

“I  started  taking  ethereal  packet  captures  and  sysinfo  and 
a  ton  of  other  info  . . .  and  insisted  they  send  it  to  their  engi¬ 
neering  group.  It  wasn’t  until  I  sent  an  e-mail  to  the  board 
of  directors  that  my  issue  received  the  appropriate  atten¬ 


The  trouble  with  vendor  support 

R 


tion.  And  guess  what?  It  turns  out  there  is  in  fact  a  bug  that 
I  found  . . .  that  affects  anyone  that  has  a  computer  without 
a  floppy  drive  (like  the  millions  of  Dell  D600s  out  there).” 

Smith  wound  up  burning  a  lot  of  time  making  phone 
calls,  trying  out  Maxtor’s  debug  code  and  giving  the  com¬ 
pany  feedback,  and  was  ultimately  the  reason  Maxtor 
solved  a  serious  problem. 

What  I  realized  from  this  story  is  that  Maxtor  has  gone 
over  the  customer  care  event  horizon.  Just  as  stars  col¬ 
lapse  to  a  point  and  effectively  drop  out  of  the  universe, so 
do  companies  drop  out  of  customer  care  when  they  get 
to  a  certain  size. 

But  above  and  beyond  Maxtor’s  apparently  cavalier  atti¬ 
tude  to  putting  a  paying  customer  through  the  support 
wringer,  what  stands  out  is  that  it  is  almost  always  incredi¬ 
bly  difficult  for  technical  people  to  get  anything  approxi¬ 
mating  true  technical  support. 

What  we  usually  get  is  support  that  leads  us  through  the 
inevitable  maze  of  dumb  questions  that  only  someone 
less  intelligent  than  a  bag  of  bolts  should  be  asked. 

Perhaps  what’s  needed  is  some  kind  of  registry  for 
techies.Then  when  you  called  a  company  you’d  give  your 
number  and  they  would  immediately  transfer  you  to  a 
real  tech  support  guy 

Nah.This  will  never  happen  for  the  same  reason  that 
when  a  Windows  application  or  Windows  itself  crashes 


and  you  let  the  Windows  reporting  system  send  the  crash 
details  back  to  the  Redmond  mothership  you  never  hear 
anything.  When  you’ve  crossed  the  customer  service  event 
horizon  customer  satisfaction  no  longer  matters. 

You  can  see  this  clearly  when  you  get  up  to  the  scale  of 
really  big  companies  such  as  Cingular.  I  had  to  have  a  bro¬ 
ken  cell  phone  replaced  over  the  weekend  and  my  call 
took  93  minutes.  I’m  leaving  out  the  20  minutes  I  wrestled 
with  Cingular’s  Web  site  to  do  the  same  thing.The  online 
time  was  wasted  because  Cingular’s  Web  site  didn’t  recog¬ 
nize  my  phone’s  serial  number  (even  though  they  had 
sold  it  to  me)  and  then  the  Web  site  crashed.  Sigh. 

It’s  true  that  Maxtor’s  board  did  care  enough  to  get  things 
moving,  but  it  didn’t  care  enough  to  follow  it  through.'Ah” 
you  might  expostulate, “surely  the  board  has  bigger  fish  to 
fry  than  one  little  problem.”  1  would  argue  that  it  didn’t.  If  it 
wants  to  capture  the  hearts  and  minds  of  customers  then 
there’s  no  such  thing  as  a  little  customer  problem  —  each 
one  should  be  treated  as  a  four-alarm  fire. 

So,  in  case  you  were  wondering  what  Maxtor  did  for 
Smith  to  recognize  his  contribution  to  its  ongoing  corpo¬ 
rate  profitability  the  answer  is,  you  guessed  it,  nothing.  Bet 
you  weren’t  surprised. 

Get  feedback  support  at  backspin@gibbs.com  or  on 
Gibbsblog. 
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News,  insights  and  oddities 


IVR  hell:  ‘Oh,  great,  now  you  tell  me’ 


So  I'm  on  the  phone  to  my  health  insurance  provider, 
Pcllli  McNamara  Cigna  Healthcare,  and  I’m  dealing  with  one  of  those 

fancy-pants  IVR  systems  that  utilize  voice-recognition 
technology  so  that  you  don’t  have  to  keep  punching  buttons. 

When  these  things  work  well  they’re  a  modern-day  marvel,  even  though  the  voices 
are  always  a  little  bit  creepy.That  morning?  . . .  Not  so  marvelous. 

The  reason  for  my  call  was  that  the  insurance  provider  had  recently  issued  my  family 
new  cards  but  neglected  to  send  one  for  our  son  Max. This  is  a  fairly  common  occur¬ 
rence  in  our  household  because  databases  seem  to  have  trouble  accepting  that  three 
children  in  one  family  can  have  the  exact  same  birth  date,  thus  one  of  our  5-year-old 
triplets  will  often  be  treated  as  a  data-input  error  instead  of  an  actual  human  being  in 
need  of  a  health  insurance  card. 

No  big  deal,  we’ve  learned  to  just  make  the  phone  call  and  move  on. 

“Thank  you  for  calling,”  the  voice  says. 

Question  1:  Do  you  have  Cigna  insurance? 

Mo:  Yes. 

Question  2:  Is  this  about  a  bill  or  a  statement? 

Me:  No. 

Question  3:  Is  this  about  eligibility  or  when  coverage  begins? 

Me:  No. 

Question  4:  None  of  these? 

ivY-  Correct  (I’m  thinking  two  things  here:  that  "yes”  or  “no”  could  be  misinterpreted 
mere  by  o  human  being,  never  mind  a  machine;  and,  what,  do  I  stutter?). 

Question  5:  Does  your  membership  number  begin  with  a  letter? 

Me:  Yes. 

Question  6: Tell  me  that  membership  number. 

Mr.:  i  comply  while  trying  to  imagine  the  purpose  of  Question  No.  5  if  they  could  get 
the  answer  from  Question  No.  6  a  few  seconds  later. 


Question  7:  (The  number  is  read  back  to  me.)  Is  that  correct? 

Me:  Yes  (sigh). 

Question  8:  What’s  the  date  of  birth  of  the  person  you’re  calling  about? 

Me:  I  comply,  smugly,  because  having  three  children  with  the  same  birthday  makes 
remembering  it  such  a  snap. 

The  voice  assures  me  that  I'm  getting  close  to  being  able  to  speak  with  a  human 
being,  but  first  I’ll  need  to  answer  one  more  question: 

Question  9:  What  type  of  coverage  are  you  calling  about,  medical  or  dental? 

Me:  Medical. 

A  woman  —  an  actual  human  being  —  says  hello,  then:  “I'm  sorry,  but  we’re  experi¬ 
encing  a  system  failure,  could  you  call  back  later?” 

“Uh,  sure,”  I  mutter  while  asking  myself  why  the  creepy  mechanical  voice  couldn’t 
have  told  me  that  nine  questions  earlier. 

A  half-hour  later  I  call  back.  Same  nine  questions;  same  nine  replies  —  Questions  10 
through  18,  if  you’re  keeping  score  at  home. This  time  I  get  a  different  human  being. 

Question  19:  "Are  you  calling  about  your  son  today?" 

Me:  “Yes,  one  of  them,"  I  say,  while  wondering  how  she  knew  that,  because  we  have 
two  boys  and  a  girl,  but  most  of  all  welcoming  the  relief  that  comes  with  the  knowledge 
that  you’ve  finally  found  the  person  who's  going  to  help  you  with  your  problem. 

Question  20:  “For  security’s  sake,  what  is  your  date  of  birth?" 

Me:  (Thinking  but  not  saying,  geesh)  I  comply. 

Question  21:  "What  can  I  help  you  with?” 

Me:  “One  of  my  sons  didn't  get . . .” 

Questions  22:  “Could  you  call  back  later?  I’m  sorry,  but  our  system  is  down.” 

I  decided  that  maybe  I’d  call  back  another  day. 

A  human  being  answers  the  phones  at  Network  World  (most  of  the  time),  but  the  best  way 
to  get  me  is  here:  buzz@nww.com. 
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